24 Pull requests merged by 10 people

• Fix race condition in EventTest.PreventDefault_DoNotApplyByDefault

  #63384 merged Aug 23, 2025

• Avoid having a separate global.json for template tests

  #63386 merged Aug 23, 2025

• [automated] Merge branch 'release/10.0' => 'main'

  #63391 merged Aug 22, 2025

• [release/10.0] Source code updates from dotnet/dotnet

  #63373 merged Aug 22, 2025

• Enhance workflow with .NET installation steps for MCP servers

  #63387 merged Aug 22, 2025

• Use sdk paths!

  #62619 merged Aug 22, 2025

• Don't add "unknown" to Blazor metrics tags when values are null

  #63351 merged Aug 22, 2025

• [main] (deps): Bump src/submodules/googletest from 244cec8 to 6986c2b

  #63380 merged Aug 22, 2025

• [main] (deps): Bump dotnet/arcade from fac534d85b77789bd4daf2b4c916117f1ca381e7 to f2cdf946c00a12a2c283835bb41ddc2255832055

  #63381 merged Aug 22, 2025

• Unblock NavigationLock_OverlappingNavigationsCancelExistingNavigations_HistoryNavigation

  #63357 merged Aug 22, 2025

• Fix help option formatting to use comma-space separator instead of pipe

  #63284 merged Aug 22, 2025

• [automated] Merge branch 'release/10.0' => 'main'

  #63372 merged Aug 22, 2025

• [release/10.0] Quarantine tests in RazorRuntimeCompilationHostingStartupTest.cs

  #63368 merged Aug 21, 2025

• Fix SetCookieHeaderValue.TryParse throwing ArgumentOutOfRangeException for Max-Age overflow

  #63323 merged Aug 21, 2025

• [automated] Merge branch 'release/10.0' => 'main'

  #63369 merged Aug 21, 2025

• [automated] Merge branch 'release/10.0-rc1' => 'release/10.0'

  #63362 merged Aug 21, 2025

• remove 2.1 mention

  #63339 merged Aug 21, 2025

• [release/10.0-rc1] fix arcade reference in inter-branch-merge-flow.yml

  #63361 merged Aug 21, 2025

• [release/10.0] Bump form-data from 4.0.2 to 4.0.4

  #63335 merged Aug 21, 2025

• [release/10.0] Source code updates from dotnet/dotnet

  #63327 merged Aug 21, 2025

• Update milestones for rc2

  #63359 merged Aug 21, 2025

• Re-enable FormWithParentBindingContextTest.CanUseFormWithMethodGet

  #63356 merged Aug 21, 2025

• Fixes in PrefixResolver

  #63334 merged Aug 21, 2025

• Quarantine tests in RazorRuntimeCompilationHostingStartupTest.cs

  #63358 merged Aug 21, 2025

10 Pull requests opened by 7 people

• Image Component for Blazor

  #63360 opened Aug 21, 2025

• [Static Assets] Consume `original-resource` instead of the `Etag`

  #63379 opened Aug 22, 2025

• [release/10.0-rc2] Don't add "unknown" to Blazor metrics tags when values are null

  #63383 opened Aug 22, 2025

• [Perf] E2E chrome usage on CI

  #63388 opened Aug 22, 2025

• Add Changelog for SignalR typescript client

  #63392 opened Aug 22, 2025

• Fix Directory Browser accessibility

  #63393 opened Aug 22, 2025

• [release/10.0-rc1] Source code updates from dotnet/dotnet

  #63395 opened Aug 23, 2025

• [release/10.0] [Static Assets] Consume `original-resource` instead of the `Etag`

  #63397 opened Aug 23, 2025

• Unquarantine RevalidatingServerAuthenticationStateProviderTest.SuppliesCancellationTokenThatSignalsWhenRevalidationLoopIsBeingDiscarded

  #63399 opened Aug 23, 2025

• Unquarantine RendererSynchronizationContextTest.Post_CanRunAsynchronously_WhenBusy_Exception

  #63400 opened Aug 23, 2025

54 Issues closed by 11 people

• MapStaticAssets not working when combined with RequireAuthenticatedUser

  #61385 closed Aug 23, 2025

• Quarantine Microsoft.AspNetCore.Components.E2ETest.ServerExecutionTests.ServerEventTest.PreventDefault_DotNotApplyByDefault

  #62533 closed Aug 23, 2025

• Getting BLAZOR106 on Linux runners

  #63389 closed Aug 23, 2025

• Un-serious Bug??

  #56003 closed Aug 23, 2025

• Use Huffman code in HPackEncoder

  #4742 closed Aug 22, 2025

• Bad wwwroot path in Blazor 9 with ubuntu 24 and ProcessStartInfo

  #63295 closed Aug 22, 2025

• Perf improvement: fortunes_dapper

  #63390 closed Aug 22, 2025

• Process memory increase while heap size does not

  #29474 closed Aug 22, 2025

• [Benchmarks] ApiCrudAdd/DeleteUpdate benchmarks broken

  #48680 closed Aug 22, 2025

• Slow perf regression

  #44926 closed Aug 22, 2025

• [Performance] Long NativeAOT builds on Benchmarks.csproj

  #46139 closed Aug 22, 2025

• OpenApi throws InvalidOperationException: JsonPropertyInfo

  #63378 closed Aug 22, 2025

• Perf improvement: antiforgery-generation, https

  #63366 closed Aug 22, 2025

• Perf regression: fortunes, fortunes_ef, https

  #63309 closed Aug 22, 2025

• Perf regression: fortunes

  #63310 closed Aug 22, 2025

• Perf improvement: antiforgery-generation, json

  #63354 closed Aug 22, 2025

• Perf improvement: fortunes_dapper

  #63308 closed Aug 22, 2025

• Perf improvement: fortunes, json_middleware

  #63300 closed Aug 22, 2025

• Perf improvement: json

  #63297 closed Aug 22, 2025

• Perf improvement: antiforgery-generation, updates

  #63281 closed Aug 22, 2025

• Perf regression: fortunes, fortunes

  #63198 closed Aug 22, 2025

• Perf regression: json

  #63158 closed Aug 22, 2025

• Perf regression: caching, fortunes, fortunes_dapper

  #63123 closed Aug 22, 2025

• Perf regression: json, json, kestrel-encoded-url

  #63122 closed Aug 22, 2025

• Perf regression: json, json, json

  #63044 closed Aug 22, 2025

• Perf improvement: json_middleware

  #63043 closed Aug 22, 2025

• Perf regression: antiforgery-generation, json_middleware

  #63031 closed Aug 22, 2025

• Perf improvement: fortunes, json, kestrel-hostheader-mismatch

  #62918 closed Aug 22, 2025

• Perf regression: fortunes

  #62850 closed Aug 22, 2025

• Perf regression: kestrel-encoded-url

  #62743 closed Aug 22, 2025

• Perf regression: multiple_queries, updates

  #62694 closed Aug 22, 2025

• Perf regression: antiforgery-noop, antiforgery-validation, single_query

  #62462 closed Aug 22, 2025

• Perf regression: caching

  #62449 closed Aug 22, 2025

• Perf regression: json, json, kestrel-hostheader-mismatch

  #62324 closed Aug 22, 2025

• Perf regression: antiforgery-generation, json

  #62208 closed Aug 22, 2025

• Perf regression: kestrel-encoded-url, kestrel-encoded-url, kestrel-header-symbols

  #62061 closed Aug 22, 2025

• Perf regression: antiforgery-generation, json_middleware

  #63367 closed Aug 22, 2025

• Perf improvement: fortunes

  #63374 closed Aug 22, 2025

• Perf regression: fortunes

  #63375 closed Aug 22, 2025

• ProblemDetails payload differs between Development and custom environment for JSON model-binding failure (Minimal APIs + AddProblemDetails + UseExceptionHandler)

  #63331 closed Aug 22, 2025

• UseStaticFiles does compression on publish with .net9

  #59518 closed Aug 22, 2025

• Don't add "unknown" to Blazor metrics

  #63350 closed Aug 22, 2025

• Quarantine Microsoft.AspNetCore.Components.E2ETest.ServerExecutionTests.ServerRoutingTest.NavigationLock_OverlappingNavigationsCancelExistingNavigations_HistoryNavigation

  #61080 closed Aug 22, 2025

• Perf improvement: fortunes

  #63346 closed Aug 22, 2025

• [NETSDKE2E]CoreFX symbols are missing for IL symbols on 17.14.13 Preview 1 + 10.0.100-rc.1.25418.116 (runtime-10.0.100-rc.1.25418.116).

  #63344 closed Aug 22, 2025

• dotnet dev-certs/user-secrets/user-jwts --help option formatting issue

  #62716 closed Aug 22, 2025

• Yarp need to be configured explicitly for @react-refresh

  #63258 closed Aug 22, 2025

• Microsoft.Net.Http.Headers.SetCookieHeaderValue.TryParse throws System.ArgumentOutOfRangeException

  #61735 closed Aug 21, 2025

• Create options pattern for providing an XmlRepository for storing Data Protection keys.

  #59971 closed Aug 21, 2025

• Quarantine `FormWithParentBindingContextTest.CanUseFormWithMethodGet`

  #61882 closed Aug 21, 2025

• Model not created on post with EditForm

  #61341 closed Aug 21, 2025

• Quarantine NavigationManagerUriGetsUpdatedOnEnhancedNavigation_BothServerAndWebAssembly(

  #61143 closed Aug 21, 2025

• Perf regression: antiforgery-noop

  #63347 closed Aug 21, 2025

• OpenApi: Multiple array properties of the same type do not get the correct type reference

  #63353 closed Aug 21, 2025

10 Issues opened by 9 people

• Perf regression: fortunes

  #63402 opened Aug 23, 2025

• Perf improvement: multiple_queries

  #63401 opened Aug 23, 2025

• [Blazor] Provide a helper to attach ResourceCollection metadata to other endpoints

  #63398 opened Aug 23, 2025

• data-enhance-nav="false" still triggers fetch calls for same-page anchors

  #63396 opened Aug 23, 2025

• ASP.NET Core 10.0: Built-in Validation with IValidatableObject

  #63394 opened Aug 23, 2025

• Mvc SelectTagHelper name property can't working

  #63382 opened Aug 22, 2025

• Blazor WASM don't really build

  #63377 opened Aug 22, 2025

• Misleading documentation in UserStore

  #63370 opened Aug 21, 2025

• Support AuthorizationPolicy and IAuthorizationRequirementData endpoint metadata everywhere not just AuthorizationMiddleware

  #63365 opened Aug 21, 2025

• `ETag header not found` error when running release build of app with compressed resources

  #63364 opened Aug 21, 2025

217 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Fix memory leaks in CertificateManager by improving certificate disposal patterns

  #63321 commented on Aug 21, 2025 • 5 new comments

• Fix timezone issue in dev-certs: use DateTimeOffset.UtcNow instead of DateTimeOffset.Now

  #63285 commented on Aug 22, 2025 • 5 new comments

• Fix FromKeyedServicesAttribute and FromServicesAttribute to support derived types across all generators

  #63114 commented on Aug 21, 2025 • 2 new comments

• Support the new QUERY HTTP method

  #61089 commented on Aug 22, 2025 • 0 new comments

• Support for Custom JWT Keys in Identity for Stateless Authentication

  #60302 commented on Aug 22, 2025 • 0 new comments

• `openapi/v1.json` is broken when `DefaultParameterValue` literal argument is not properly assigned.

  #60019 commented on Aug 22, 2025 • 0 new comments

• Add authentication failure reason to AuthN metrics

  #60467 commented on Aug 22, 2025 • 0 new comments

• Microsoft.Extensions.ApiDescription.Server : After build, OpenAPI specification file isn't present in the build result

  #59334 commented on Aug 22, 2025 • 0 new comments

• BlazorWebAppOidc AddOpenIdConnect with GetClaimsFromUserInfoEndpoint = true doesn't propogate role claims to client

  #58826 commented on Aug 22, 2025 • 0 new comments

• Set content-type to `application/problem+json` for generic TypedResults with T=ProblemDetails

  #58574 commented on Aug 22, 2025 • 0 new comments

• Razor regression in ASP .NET Core 9.0 (script type=importmap and others)

  #58973 commented on Aug 22, 2025 • 0 new comments

• Blazor Templates That Support WebAuthN (Passkeys)

  #58571 commented on Aug 22, 2025 • 0 new comments

• Move ProblemDetails outside of Asp.Net Core

  #58551 commented on Aug 22, 2025 • 0 new comments

• Hot reloading with SPA proxy

  #44403 commented on Aug 22, 2025 • 0 new comments

• SignInInterceptor - Use case = Force user to change password

  #42669 commented on Aug 22, 2025 • 0 new comments

• Identity login uses PasswordSignInAsync with Input.Email as username so username and email of account need to be the same

  #44660 commented on Aug 22, 2025 • 0 new comments

• Critical Bug: Blazor Server @onclick events do not fire on new projects with recent .NET 8 SDKs.

  #63205 commented on Aug 21, 2025 • 0 new comments

• Update OpenTelemetry semantic conventions to include AuthN/AuthZ metrics

  #60468 commented on Aug 22, 2025 • 0 new comments

• MapOpenApi writes invalid json if example contains OpenApiDouble and CurrentCulture formats doubles with comma

  #60628 commented on Aug 22, 2025 • 0 new comments

• Stop shipping new versions of the Microsoft.AspnetCore.Authentication.Google package

  #61817 commented on Aug 22, 2025 • 0 new comments

• [Identity] AddApiEndpoints() breaks custom SignInManager<TUser>.

  #61595 commented on Aug 22, 2025 • 0 new comments

• AdditionalScopesToConsent seemingly being ignored

  #61610 commented on Aug 22, 2025 • 0 new comments

• Blazor WebAssembly + MSAL: Token not refreshing when using localStorage for cacheLocation

  #61960 commented on Aug 22, 2025 • 0 new comments

• ASP.NET Certificate Authentication Fails with PartialChain When Intermediate Is Included in Client Certificate

  #61900 commented on Aug 22, 2025 • 0 new comments

• Creating an MVC/Razor pages project with a space in its name breaks the styling

  #62679 commented on Aug 22, 2025 • 0 new comments

• Follow-ups for passkey support in ASP.NET Core Identity

  #62347 commented on Aug 22, 2025 • 0 new comments

• Determine how to best help customers migrate their databases to include passkeys

  #62467 commented on Aug 22, 2025 • 0 new comments

• Ensure that all `FromKeyedServicesAttribute` and `FromServiceAttributes` check for derived types

  #63113 commented on Aug 22, 2025 • 0 new comments

• [Identity] Document JSON.stringify() fallback for various password managers

  #63078 commented on Aug 22, 2025 • 0 new comments

• Optimistic Concurrency Lock Support in `IDistributedCache`

  #47596 commented on Aug 22, 2025 • 0 new comments

• OpenApi generation OpenApiSchemaComparer fails with null values for Properties, AllOf, or AnyOf

  #59507 commented on Aug 22, 2025 • 0 new comments

• Test failure: no exception in UserManagerWillUseTokenProviderInstanceOverDefaults

  #57361 commented on Aug 22, 2025 • 0 new comments

• Understand allocations discrepancies in Json benchmarks

  #45330 commented on Aug 22, 2025 • 0 new comments

• The HttpClient handler that injects tokens has a hardcoded refresh buffer of 5 minutes for attempting a refresh

  #60118 commented on Aug 22, 2025 • 0 new comments

• dotnet watch stops detecting changes, crashes and corrupts terminal

  #37462 commented on Aug 22, 2025 • 0 new comments

• Blazor WebAssembly hot reload support broken when changing environment from Development

  #39269 commented on Aug 22, 2025 • 0 new comments

• Use vdir environment variable when injecting browser refresh script

  #39762 commented on Aug 22, 2025 • 0 new comments

• Blazor hot reload of scoped css loses referenced css

  #42332 commented on Aug 22, 2025 • 0 new comments

• Support disabling auto-injection of browser refresh JavaScript via launch profile property

  #44805 commented on Aug 22, 2025 • 0 new comments

• Meta Issue - Data Protection keyring sync/creation race investigation

  #36157 commented on Aug 22, 2025 • 0 new comments

• Running ASP.NET Core application with PublishTrimmed set in visual studio makes Microsoft.AspNetCore.Watch.BrowserRefresh fail to execute

  #35174 commented on Aug 22, 2025 • 0 new comments

• LinkGenerator generate wrong links across areas (2)

  #31476 commented on Aug 22, 2025 • 0 new comments

• Refreshing auth tokens for SignalR

  #5297 commented on Aug 22, 2025 • 0 new comments

• Ability to set port for browser refresh websocket connection when using dotnet watch

  #39765 commented on Aug 22, 2025 • 0 new comments

• Host stopped and disposed twice when WebApplicationFactory<> is used with the minimal api

  #40271 commented on Aug 22, 2025 • 0 new comments

• Resource indicators are missing in access token request

  #41176 commented on Aug 22, 2025 • 0 new comments

• Add a Redis-backed token bucket RateLimiter implementation

  #41861 commented on Aug 22, 2025 • 0 new comments

• Support config-based options for different authentication schemes

  #42170 commented on Aug 22, 2025 • 0 new comments

• [certs] Full chain support followup

  #43193 commented on Aug 22, 2025 • 0 new comments

• Write custom authentication failure information to the response body

  #44100 commented on Aug 22, 2025 • 0 new comments

• Updating to .NET 8 Preview 1 breaks AuthorizationEndpoint query on AddGoogle

  #47054 commented on Aug 22, 2025 • 0 new comments

• When the dev-certs rotate, the exported PEM files for the SPA templates are not

  #46134 commented on Aug 22, 2025 • 0 new comments

• IClaimsTransformation do not automagically compose

  #46120 commented on Aug 22, 2025 • 0 new comments

• Logs filled with critical exceptions from Kestrel/Quic

  #45105 commented on Aug 22, 2025 • 0 new comments

• Router incorrectly calls SetParametersAsync multiple times

  #44781 commented on Aug 22, 2025 • 0 new comments

• amr claim lost after ClaimPrincipal renewal

  #44666 commented on Aug 22, 2025 • 0 new comments

• Only call AddDataProtection in Authentication Services that require it

  #47410 commented on Aug 22, 2025 • 0 new comments

• [dotnet-sdk-10.0.100-preview.1.25110.2] Some blazor apps get "Failed to load resource: the server responded with a status of 404" error after retagrt to .NET 10

  #60366 commented on Aug 23, 2025 • 0 new comments

• Unexpected Syntax Error in blazor.web.js on iOS Versions Below 17 in .NET 9 Preview 7

  #57326 commented on Aug 23, 2025 • 0 new comments

• Blazor-Web-Initializers comment is not added to the DOM by blazor.web.js when the page is using SSR and the page is cached using Cloudflare

  #55781 commented on Aug 23, 2025 • 0 new comments

• MapStaticAssets and Minimal APIs not working as expected

  #58937 commented on Aug 23, 2025 • 0 new comments

• MapStaticFiles suppress UseStaticFile

  #58942 commented on Aug 23, 2025 • 0 new comments

• UserManager.AddToRoleAsync() will throw InvalidOperationException because of entity already tracked

  #63296 commented on Aug 24, 2025 • 0 new comments

• Helix failure `EPT_S_NOT_REGISTERED`

  #57416 commented on Aug 24, 2025 • 0 new comments

• Known Build Error: error : Cannot create a file when that file already exists.

  #61178 commented on Aug 24, 2025 • 0 new comments

• Known Build Error: ProcessBufferedRenderBatches_WritesRenders fails

  #61807 commented on Aug 24, 2025 • 0 new comments

• [Known Build Error] Failed webcil conversion: image is too small

  #61987 commented on Aug 24, 2025 • 0 new comments

• [Known Build Error] Ssl connection could not be established

  #62008 commented on Aug 24, 2025 • 0 new comments

• [Known Build Error] `QuicConnectionContextTests.StreamPool_Heartbeat_ExpiredStreamRemoved`

  #62308 commented on Aug 24, 2025 • 0 new comments

• [Known Build Error] `NavigationException_InAsyncContext_DoesNotBecomeUnobservedTaskException` fails with `ObjectDisposedException`

  #62672 commented on Aug 24, 2025 • 0 new comments

• Known Build Error: Could not copy

  #62807 commented on Aug 24, 2025 • 0 new comments

• [Known build issue] `Interop.FunctionalTest` fail

  #63147 commented on Aug 24, 2025 • 0 new comments

• feat(DataProtection): add overloads for PersistKeysToStackExchangeRedis to accept IServiceProvider

  #62759 commented on Aug 21, 2025 • 0 new comments

• Add support for .slnx file exclusion in BaselineTest

  #62767 commented on Aug 23, 2025 • 0 new comments

• [WIP] Update to wix5

  #62885 commented on Aug 23, 2025 • 0 new comments

• Added usage of TimeProvider instead of DateTimeOffset

  #63042 commented on Aug 21, 2025 • 0 new comments

• Improve enhanced navigation suppression in tests

  #63132 commented on Aug 21, 2025 • 0 new comments

• Added Culture persistence between Client and Server

  #63144 commented on Aug 21, 2025 • 0 new comments

• [9.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key

  #63249 commented on Aug 21, 2025 • 0 new comments

• [release/8.0] Make duplicate deb/rpm packages so we can sign them with the new PMC key

  #63250 commented on Aug 21, 2025 • 0 new comments

• Docs: Add instructions for viewing build-time OpenAPI logs with Terminal Logger

  #63251 commented on Aug 21, 2025 • 0 new comments

• [release/8.0] Update dependencies from dotnet/source-build-reference-packages

  #63261 commented on Aug 22, 2025 • 0 new comments

• Fix ReDoS in Bootstrap sample

  #63264 commented on Aug 22, 2025 • 0 new comments

• Missing doc: How should paths starting with /_framework be resolved?

  #49816 commented on Aug 22, 2025 • 0 new comments

• `dotnet watch` ignores `StaticWebAssetBasePath` for third-party library

  #47802 commented on Aug 22, 2025 • 0 new comments

• Adding a constructor to a controller breaks hot reloading (dotnet watch)

  #49226 commented on Aug 22, 2025 • 0 new comments

• Static assets doesn't serve content files that are linked from a location outside of the project

  #51392 commented on Aug 22, 2025 • 0 new comments

• Investigate performance of Antiforgery

  #50065 commented on Aug 22, 2025 • 0 new comments

• Hot reload does not see any changes not back end not front end

  #51856 commented on Aug 22, 2025 • 0 new comments

• Blazor Authorization - AuthorizeRouteView and RedirectToLogin not working.

  #52063 commented on Aug 22, 2025 • 0 new comments

• Native Trace Instrumentation Support for ASP.NET Core as per OTel specification

  #52439 commented on Aug 22, 2025 • 0 new comments

• After using JsonWebTokenHandler in. net8, when SaveSigninToken=true is set, BootstrapContext is always null

  #53043 commented on Aug 22, 2025 • 0 new comments

• UseAuthorization does not work with WebHostBuilder on .NET 8

  #53332 commented on Aug 22, 2025 • 0 new comments

• Define a pattern for a component that ensures a data protection keyring has an active key

  #52916 commented on Aug 22, 2025 • 0 new comments

• Add ability to scaffold identity endpoints in project and override these

  #53343 commented on Aug 22, 2025 • 0 new comments

• Combining IdToken and AccessToken Claims To Build Principal In Authorization Code Flow

  #53712 commented on Aug 22, 2025 • 0 new comments

• Net 8 Blazor Web App (Interactive server w/ prerendering ) - multiple schemes doesn't work

  #57023 commented on Aug 22, 2025 • 0 new comments

• CS8669 when using runtime compilation and the project has nullable enabled

  #53967 commented on Aug 22, 2025 • 0 new comments

• connection Abort + Dispose crashes process

  #57098 commented on Aug 22, 2025 • 0 new comments

• Linux: RBAC claims resolution fails if user has group with brackets in name

  #58062 commented on Aug 22, 2025 • 0 new comments

• Microsoft.AspNetCore.OpenApi specifies non-nullable get-only properties as nullable

  #58192 commented on Aug 22, 2025 • 0 new comments

• Microsoft.AspNetCore.OpenApi fails to generate document when using polymorphic types

  #58213 commented on Aug 22, 2025 • 0 new comments

• Blazor Identity Account/RegistrationConfirmation Wrong Tutorial Link

  #58092 commented on Aug 22, 2025 • 0 new comments

• OpenApi custom polymorphic type names

  #58332 commented on Aug 22, 2025 • 0 new comments

• OutputCache - Racing condition returns empty response when locking enabled

  #52310 commented on Aug 22, 2025 • 0 new comments

• Evaluate if changes are needed for ServiceKeyLookupMode

  #62054 commented on Aug 22, 2025 • 0 new comments

• Build failure from Microsoft.AspNetCore.Routing.Microbenchmarks (reason: 'AllMeasurements')

  #59993 commented on Aug 22, 2025 • 0 new comments

• Feature request to add correlation id to SignalR clients

  #59156 commented on Aug 22, 2025 • 0 new comments

• Spa Proxy Middleware not configurable

  #59807 commented on Aug 22, 2025 • 0 new comments

• Allow the configuration of ServiceProviderOptions when using the WebApplicationBuilder

  #58217 commented on Aug 22, 2025 • 0 new comments

• Expand `AddPackageFixer` to multiple packages

  #56092 commented on Aug 22, 2025 • 0 new comments

• SecurityTokenInvalidIssuerException: IDX10204: Unable to validate issuer. validationParameters.ValidIssuer is null or whitespace AND validationParameters.ValidIssuers is null or empty.

  #54640 commented on Aug 22, 2025 • 0 new comments

• Quarantine ServerFormsTest.CanWireUpINotifyPropertyChangedToEditContext

  #62386 commented on Aug 22, 2025 • 0 new comments

• Obsolete WebHostBuilder

  #20964 commented on Aug 22, 2025 • 0 new comments

• http-client.env.json incorrectly copied to publish output directory

  #63263 commented on Aug 22, 2025 • 0 new comments

• Quarantine Microsoft.AspNetCore.Components.RevalidatingServerAuthenticationStateProviderTest.SuppliesCancellationTokenThatSignalsWhenRevalidationLoopIsBeingDiscarded

  #60472 commented on Aug 22, 2025 • 0 new comments

• Remove blocking APIs in asp.net core integration tests code

  #43353 commented on Aug 22, 2025 • 0 new comments

• Combine MapWhen with UseAuthorization and many Endpoints is slow

  #54664 commented on Aug 22, 2025 • 0 new comments

• [Performance] Authentication middleware

  #27220 commented on Aug 22, 2025 • 0 new comments

• Verify external providers are using latest APIs

  #4684 commented on Aug 22, 2025 • 0 new comments

• Minimal APIs doesn't describe it's implicit 400 and 415 response behaviors to ApiExplorer

  #35683 commented on Aug 22, 2025 • 0 new comments

• ASP.NET Core OIDC/JWT Handlers should not have a direct dependency on the AAD JWT Library

  #36175 commented on Aug 22, 2025 • 0 new comments

• Multiple Authentication Schemes are mutually exclusive

  #40820 commented on Aug 22, 2025 • 0 new comments

• TaskCanceled Exception thrown from Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler class

  #38467 commented on Aug 22, 2025 • 0 new comments

• OpenIdConnect: setting the ClaimsIssuer property in configuration options has no effect

  #41589 commented on Aug 22, 2025 • 0 new comments

• user LDAP GlobalCatalog to get user groups and add them to ClaimPrincipal.

  #41974 commented on Aug 22, 2025 • 0 new comments

• Make it easier to discover how to enforce/require auth in an application

  #42048 commented on Aug 22, 2025 • 0 new comments

• Enhance the RemoveLoginAsync method of the UserManager class

  #44000 commented on Aug 22, 2025 • 0 new comments

• Find ways to minimize the effort required to configure authz in an HTTP API by 30%

  #42192 commented on Aug 22, 2025 • 0 new comments

• Incorrect OpenAPI schema generated for implicit services/special types/parseables

  #44677 commented on Aug 22, 2025 • 0 new comments

• When using Hot Reload endpoints get duplicated

  #44857 commented on Aug 22, 2025 • 0 new comments

• Avoid `file private` visibility when targeting LangVersion < 11

  #46496 commented on Aug 22, 2025 • 0 new comments

• Address generating FQN for types in RDF

  #46694 commented on Aug 22, 2025 • 0 new comments

• SignalR .NET client telemetry

  #53429 commented on Aug 22, 2025 • 0 new comments

• Metrics for caching

  #54182 commented on Aug 22, 2025 • 0 new comments

• Investigate and polish perf in OpenAPI pipeline

  #56829 commented on Aug 22, 2025 • 0 new comments

• Application fails to start when setting custom ApplicationName

  #58403 commented on Aug 21, 2025 • 0 new comments

• Upgrade guide change - `NavigationException` removal

  #61811 commented on Aug 21, 2025 • 0 new comments

• Blazor Relative URLs in components / Sub-navigation issues

  #23615 commented on Aug 21, 2025 • 0 new comments

• KeyRingProvider uses 24h refresh period even with expired keys and disabled key auto-generation

  #61930 commented on Aug 21, 2025 • 0 new comments

• Make XmlKeyDecryptionOptions public OR add KeyManagementOptions.XmlDecryptor property

  #61386 commented on Aug 21, 2025 • 0 new comments

• Razor Class Library Build Time Serious Regression with .NET 9 SDK

  #59014 commented on Aug 21, 2025 • 0 new comments

• API proposal for Culture Persistence for Blazor WebAssembly Components

  #63183 commented on Aug 21, 2025 • 0 new comments

• Add `PersistKeysToStackExchangeRedis` overload which accepts `Func<IServiceProvider, IDatabase>`

  #61768 commented on Aug 21, 2025 • 0 new comments

• Request timeouts are not applied without the middleware, no error given

  #52025 commented on Aug 21, 2025 • 0 new comments

• Should Microsoft.Extensions.Http.Polly be deprecated in favour of Microsoft.Extensions.Http.Resilience?

  #57209 commented on Aug 21, 2025 • 0 new comments

• different input tag helper behavior in a for and foreach loop

  #40868 commented on Aug 21, 2025 • 0 new comments

• Lack of SignalR typescript client release notes

  #50772 commented on Aug 21, 2025 • 0 new comments

• Check that HttpSys and IIS TLS support isn't impacted by obsolete members on ITlsHandshakeFeature

  #59426 commented on Aug 22, 2025 • 0 new comments

• Support property-targetted validation attributes on records

  #34083 commented on Aug 22, 2025 • 0 new comments

• Quarantine RazorViews_AreUpdatedOnChange and RazorPages_AreUpdatedOnChange

  #56553 commented on Aug 22, 2025 • 0 new comments

• Asp.Net Core does not properly handle the error with polymorphic deserialization from STJ when type discriminator is not specified

  #54037 commented on Aug 22, 2025 • 0 new comments

• Can't use custom parsers with [SupplyParameterFromQuery]

  #56662 commented on Aug 22, 2025 • 0 new comments

• Failing test CanLaunchPhotinoWebViewAndClickButton in 8.0 on Windows.Amd64.Server.2022

  #54017 commented on Aug 22, 2025 • 0 new comments

• Form Databinding Not working correctly with Nested object - Static SSR form submission

  #58988 commented on Aug 22, 2025 • 0 new comments

• RootComponentTypeCache Prevents Dynamic Component Regeneration in Interactive Server Mode

  #60573 commented on Aug 22, 2025 • 0 new comments

• MapRazorComponents fails if you don't have wwwroot

  #51957 commented on Aug 22, 2025 • 0 new comments

• Blazor ErrorBoundary error content not shown when exception occurs inside @foreach

  #56950 commented on Aug 22, 2025 • 0 new comments

• Error about "dynamic culture change while sharding ICU data" no longer always appears in 6.0

  #37258 commented on Aug 22, 2025 • 0 new comments

• Returning an HTML element from a JS interop call throws an exception.

  #23369 commented on Aug 22, 2025 • 0 new comments

• Confusing model binding / model validation behavior related to [Required] and value types

  #63311 commented on Aug 22, 2025 • 0 new comments

• Better SWA docs

  #63292 commented on Aug 22, 2025 • 0 new comments

• Make QuickGrid more inheritance friendly (second try)

  #63326 commented on Aug 22, 2025 • 0 new comments

• AddScheme() doesn't configure options

  #57393 commented on Aug 22, 2025 • 0 new comments

• Add metadata to the endpoints created by the MapIdentityAPI extension method.

  #57803 commented on Aug 22, 2025 • 0 new comments

• AntiforgeryValidationException preventing Blazor app to start on IIS Web App. (case sensitive url)

  #57920 commented on Aug 22, 2025 • 0 new comments

• Add securitySchemes and security requirements for endpoints created by MapIdentityApis

  #57806 commented on Aug 22, 2025 • 0 new comments

• ProducesAttribute seems to ignore named parameters in OpenAPI document generation

  #57995 commented on Aug 22, 2025 • 0 new comments

• Q: Is WebAuthn planned to be implemented by aspnet.security?

  #4657 commented on Aug 22, 2025 • 0 new comments

• Automatically set OpenAPI endpoint metadata for minimal APIs

  #34544 commented on Aug 22, 2025 • 0 new comments

• Add support for content security policy

  #6001 commented on Aug 22, 2025 • 0 new comments

• [Identity] UI bug when the view port is small enought

  #30266 commented on Aug 22, 2025 • 0 new comments

• Identity: Message for invalid username does not reflect actual permitted characters.

  #39375 commented on Aug 22, 2025 • 0 new comments

• Allow acr_values and ui_locales to be specified in OpenIdConnectOptions

  #39503 commented on Aug 22, 2025 • 0 new comments

• Microsoft.AspNetCore.Identity UserManager - Delete user AuthenticatorKey and RecoveryCodes

  #43562 commented on Aug 22, 2025 • 0 new comments

• Certificate authentication fails validation when intermediate certificate isn't in store against TLS specification

  #43661 commented on Aug 22, 2025 • 0 new comments

• Use resource strings in IdentityApiEndpointRouteBuilderExtensions for localization

  #49664 commented on Aug 22, 2025 • 0 new comments

• Breaking routing behavior between net6, net7 and net8.

  #50773 commented on Aug 22, 2025 • 0 new comments

• Add a DefaultPolicy property on AuthorizeRouteView to be used when no Policies are set on a component

  #50111 commented on Aug 22, 2025 • 0 new comments

• MapRazorComponents broken with FallbackPolicy RequireAuthenticatedUser

  #51836 commented on Aug 22, 2025 • 0 new comments

• Custom state not set for OpenIdConnectProtocolValidator

  #52400 commented on Aug 22, 2025 • 0 new comments

• Adding Roles to a Blazor Web project does not work

  #52970 commented on Aug 22, 2025 • 0 new comments

• Attempt to change email to another user's email/username using Identity API results in mismatch between email and username

  #52842 commented on Aug 22, 2025 • 0 new comments

• UserManager.IsInRoleAsync(user, "rolename") still shows user in role after deleting role.

  #52939 commented on Aug 22, 2025 • 0 new comments

• /signin-oidc does not unset nonce and correlation cookies with param error=login_required from failed identity server prompt=none request

  #53048 commented on Aug 22, 2025 • 0 new comments

• Invalid authentication configuration crashes ASP.NET core (stack overflow)

  #53267 commented on Aug 22, 2025 • 0 new comments

• Invalid Issuer should response 500 instead of 401 in dotnet 8 Microsoft.AspNetCore.Authentication.JwtBearer

  #53692 commented on Aug 22, 2025 • 0 new comments

• webapi template uses HttpsRedirection and .http files redirect silently

  #54562 commented on Aug 22, 2025 • 0 new comments

• Upgrade Microsoft.AspNetCore.OpenAPI and add support for OpenAPI v3.1

  #58619 commented on Aug 22, 2025 • 0 new comments

• Make authentication libraries trimmable

  #58786 commented on Aug 22, 2025 • 0 new comments

• MacOSCertificateManager not aborting on failure to write cert to profile folder

  #57410 commented on Aug 22, 2025 • 0 new comments

• Records, positional parameters, data annotations, model validation and OpenAPI inconsistency

  #57486 commented on Aug 22, 2025 • 0 new comments

• Bad Request - Request Too Long - IIS Server

  #57545 commented on Aug 22, 2025 • 0 new comments

• New ASP.Net Core/Angular project templates incompatible with Authentication Middleware

  #57683 commented on Aug 22, 2025 • 0 new comments

• Description on IBindableFromHttpContext parameter of route handler in Minimal API not generated in OpenAPI requestBody

  #57685 commented on Aug 22, 2025 • 0 new comments

• Use TimeProvider instead of DateTimeOffset in DataProtectionAPI

  #57833 commented on Aug 22, 2025 • 0 new comments

• DbUpdateConcurrencyException when using AutoSaveChanges

  #57856 commented on Aug 22, 2025 • 0 new comments

• IRouter.GetVirtualPath alternative in EndpointRouting

  #23041 commented on Aug 22, 2025 • 0 new comments

• AspNetCore.DataProtection `ProtectKeysWithCertificate` rotation mechanism

  #40145 commented on Aug 22, 2025 • 0 new comments

• Routing performance improvements

  #38117 commented on Aug 22, 2025 • 0 new comments

• Can't debug SpaProxy on Linux Docker container

  #41093 commented on Aug 22, 2025 • 0 new comments

• Support configuring the defaults for JWTs created using the user-jwts tool

  #41872 commented on Aug 22, 2025 • 0 new comments

• Static web assets SDK support for multi targeting conventions

  #47885 commented on Aug 22, 2025 • 0 new comments

• `RequestDelegate`-based handlers do not surface in OpenAPI descriptions

  #44970 commented on Aug 22, 2025 • 0 new comments

• Unexpected exception: System.Net.Quic.QuicException(ConnectionIdle) - The connection timed out from inactivity.

  #49780 commented on Aug 22, 2025 • 0 new comments

• [Analyzer] : Warn when registering custom IProblemDetailsWriter after calling AddRazorPages, etc

  #48180 commented on Aug 22, 2025 • 0 new comments

• Enable Automatic Rotation of Trusted Client Certificate Chain Components

  #49788 commented on Aug 22, 2025 • 0 new comments

• Blazor multiple authentication schemes do not play nice with RenderModeServer

  #50122 commented on Aug 22, 2025 • 0 new comments

• Add logging in SecureDataFormat

  #51169 commented on Aug 22, 2025 • 0 new comments

• Create a new documentation page elaborating on various Data Protection error messages

  #50560 commented on Aug 22, 2025 • 0 new comments

• Add support for Partitioned Cookies

  #53224 commented on Aug 22, 2025 • 0 new comments

• Flaky test InjectedStartup_DefaultApplicationNameIsEntryAssembly

  #52429 commented on Aug 22, 2025 • 0 new comments

• Improve observability of Microsoft.IdentityModel logs

  #54424 commented on Aug 22, 2025 • 0 new comments

• Add Data Protection Metrics

  #54451 commented on Aug 22, 2025 • 0 new comments

• Quarantine CanResetSharedKey

  #54840 commented on Aug 22, 2025 • 0 new comments

• Add ILoggerFactory-injection to ApiDescriptionGroupCollectionProvider

  #57295 commented on Aug 22, 2025 • 0 new comments

• Validate or sanitize client-controlled inputs to the JwtBearer WWW-Authenticate header

  #57356 commented on Aug 22, 2025 • 0 new comments