Recent Comments


re: ASP.NET Core and CORS Gotchas

Really big help. This blog is one of the best out there for us .NET Core folks.


Rick Strahl
Friday

re: Publishing and Running ASP.NET Core Applications with IIS

@Ratan - this should work as long as you create the sub-application as a new Application (not virtual), and you create a new custom application pool. You also have to explicitly remove the ASP.NET Core Handler (remove name="aspNetCore" />). I'd suspect the 502 errors are something else - those are bad gateway errors usually associated with proxies or load balancing servers. There may be some other config settings leaking from somewhere else in your configuration chain.


Gonkers
Friday

re: Configuring LetsEncrypt for ASP.NET Core and IIS

@Angelo The acme-challenge allows for using DNS verification. That's my preferred route, but you need a DNS provider that has an API for updates. That would obviously require a custom solution though.


Ratan
Friday

re: Publishing and Running ASP.NET Core Applications with IIS

Hi Rick,

Great article, but I am stuck in this dilemma of having a sub application which is not a dot net core app.

I just updated my .net web application to .net core 2.0 which runs just fine. There is a sub-site which is a non-core web application. This sub-application throws an error now: "core 2.0 site error HTTP Error 502.5 - Process Failure."

I changed the application pool settings to no managed code and explicitly removed the handler for dotnetcore as well.

If I keep the .NET CLR version to old v4..., the sub application loads but then it can't find any of the css files or js files in the sub-application folder.

So I created a different application pool for the sub application with CLR version as v4, and now it loads. But it can't find any css files or js files. I am getting a status 502 (Bad Gateway) for all these files. For example:

AppA: Main .net core 2 web app SubAppB: .net 4.6 web app.

On going to https://www.AppA.com/SubAppB/Account/Login All the images, css, js files are throwing 502. In chrome, I see the the browser looking for the files at location: https://www.AppA.com/SubAppB/Content/login.css

BTW, I have set the main AppA's applicationpoolidenetity to NetworkService, but that did not help. How do I get it to find those files in the sub app?


Luis Llamas
Friday

re: Web Browser Control & Specifying the IE Version

You can Inject the meta description on loading the website, previous to rendering. That what you don't need neither to modify the page (what usually is not up to you), neither to insert a registry key (that is a intrusive operation in the user machine)


Angelo Chiello
Thursday

re: Configuring LetsEncrypt for ASP.NET Core and IIS

Hi. There's a similar issue if you use IdentityServer. By default IdentityServer use only https but you need http to serve .well-known for letsencrypt-win-simple. I just allow http connection from IdentityServer configuration to solve that problem but I don't like it. Any suggestions?


Harvey Mushman
September 13, 2017

re: Windows 10 Upgrade and IIS 503 Errors

It happened again... F...ing MS !

After not using localhost for the past couple of months on one of my laptops, I just returned only to find that all access to localhost resulted in a 503 error. After spending an hour or so hunting around, I decided to turn to the old faithful help center - West-Wind.com/Support and low and behold... Rick saved my ass once again! This is the second time this has happened to me, one would think I would have learned! Thank you for all you do to support us with these wonderful writings.


Rick Strahl
September 13, 2017

re: Upgrading to .NET Core 2.0 Preview

@Alex - I know it works, as I use this same setup in my AlbumViewer sample. You can take a look here to make sure you're using the right syntax. 2.0 has changed around configuration of sub-features a little. Also look at this post.


Zef Ubachs
September 12, 2017

re: Configuring LetsEncrypt for ASP.NET Core and IIS

I use the following extension method which works aswell:

/// <summary>
/// Adds a file provider for '.well-known' folder that allows lets encrypt to verify domain requests.
/// </summary>
/// <param name="app"></param>
/// <returns></returns>
/// <remarks>See SO answer: http://stackoverflow.com/a/38406699 </remarks>
public static IApplicationBuilder UseLetsEncryptFolder(this IApplicationBuilder app, IHostingEnvironment env)
{
    var wellKnownDirectory = new DirectoryInfo(Path.Combine(env.ContentRootPath, ".well-known"));
    if (!wellKnownDirectory.Exists)
    {
        wellKnownDirectory.Create();
    }

    app.UseStaticFiles(new StaticFileOptions
    {
        ServeUnknownFileTypes = true,
        FileProvider = new PhysicalFileProvider(wellKnownDirectory.FullName),
        RequestPath = new PathString("/.well-known"),
    });
    return app;
}

Use it like this:


public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
    // Add logging
    app.UseLetsEncryptFolder(env);
    // Add other middleware like Authentication, MVC, ...
}

Alex
September 12, 2017

re: Upgrading to .NET Core 2.0 Preview

I'm having issue with Windows auth and CORS with my Angular app running on port 4200 and web api on port 5000. Receive 401 on any request. In core 1.x it works fine.


Tyler
September 11, 2017

re: Using Let's Encrypt with IIS on Windows

Finally got mine working after getting my bindings corrected and ports opened. Then, used Certify.


Kashif
September 10, 2017

Edgar Ricárdez
September 09, 2017

re: Back to Basics: UTC and TimeZones in .NET Web Apps

Hi @Rick, thanks for this post.

With the client value: Central Daylight Time (Mexico), I get TimeZoneExceptionNotFound.

Regards


Whoever
September 07, 2017

re: Error Handling and ExceptionFilter Dependency Injection for ASP.NET Core APIs

In pre-core .NET MVC, it was mentioned that

"Web API caches filter attribute instances indefinitely per action, effectively making them singletons. This makes them unsuited for dependency injection, since the attribute’s dependencies will be accidentally promoted to singleton as well, which can cause all sorts of concurrency issues."

http://simpleinjector.readthedocs.io/en/latest/webapiintegration.html

Do we know if this is still true for .NET Core Service/Type filter?

Thanks.


Sivan Leoni
September 06, 2017

re: ASP.NET GZip Encoding Caveats

Thank you for the great post. Any idea why would a certain website look fine on all computers and browsers, but a specific computer it is garbled text page in all browsers. Is there a settings somewhere in windows that prevents pages from interpreting gzip content correctly? Why would only one of my clients receive the garbled text?

I'm a web programmer, and my application works fine for all people, but I have one client that says that in all their browsers, the page looks garbled.

Any help would be great.

Thanks! Sivan


Rick Strahl
September 06, 2017

re: Web Browser Control & Specifying the IE Version

@JohnK - it should show the correct browser version if you use the registry hack. If you use the Edge mode header the user agent shows the original with some edge mode additions to the UA string.


John K
September 06, 2017

re: Web Browser Control & Specifying the IE Version

Thanks for the advice on setting the IE Version. Is there anyway to get it to report this as the Browser version. We use Google Maps and it shows the map but also shows a warning that we are using an old version of the Browser.


Mark D
September 06, 2017

re: Multi-Targeting and Porting a .NET Library to .NET Core 2.0

@Rick, have you ported an MVC Core Project to 2.0 on the full framework yet? I can't seem to find the right settings .csproj configuration to get Microsoft.AspNetCore.* libraries to install and still have access to the full framework to use SQL Reporting Services. This was all oworking very nicely using 1.1 on a full framework configuration.


Oliver Clare
September 05, 2017

re: Hosting SignalR under SSL/https

4 years on and this article still seems relevant today. We're struggling with an HTTPS setup for SignalR, but not for the obvious reasons. We seem to have an issue that only occurs when there's an HTTPS binding and reliably disappears when we remove the HTTPS binding and use HTTP only. However, we have had the same code working fine on HTTPS and sometimes it seems to be okay... Due to a recent bunch of tests (swapping in/out various bindings), we are convinced it's something to do with our code on an HTTPS setup, but the fact it works sometimes on HTTPS is really frustrating!

We're getting the following error chain: System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. ---> System.Net.Sockets.SocketException: An existing connection was forcibly closed by the remote host

I'm currently thinking it has to be that we're not making enough attempts to restart the connection on disconnect, but any advice would be welcome. Many thanks!


Rick Strahl
September 03, 2017

re: Bitmap types, Binary Resources and Westwind.Globalization

@Smith - no example, but you can generate RESX resources and strongly typed resources to use as you would any other resources in any other .NET project.

What I do is this:

I use this for class libraries, and Windows desktop apps, WPF and anything that requires RESX resources outside of a Web project.


Smith
September 03, 2017

re: Bitmap types, Binary Resources and Westwind.Globalization

Hello,

Do you have any WinForms example where Westwind globalization is used?

Regards


Rick Strahl
August 31, 2017

re: .NET Standard 2.0 - Making Sense of .NET Again

@Ken - When you create a Package that conforms to .NET Standard, you're creating a package that follows the .NET Standard specification. IOW the DLL you create supports only the features available in .NET Standard, plus any additional packages you add. The code you write is 'physically there' of course, but what it's 'binding' to is .NET standard of whatever implementation you are working with that supports that version of .NET Standard.

Anybody who consumes your package now is assured that the package can run under any .NET implementation (ie. .NET Core, full framework, Mono, UWP, etc.) that support that specific version of .NET Standard that you bound to when you built your package.

IOW - you create a specific implementation, but by targeting .NET Standard you are saying "this package is supported on any platform that supports this version of .NET Standard that I bound to".


Martin
August 31, 2017

re: Publishing and Running ASP.NET Core Applications with IIS

I'm using dotnet publish with the --configuration release switch to build my web app. It works great, but I can't seem to get my connection string in my appsettings.json file to transform into my appsettings.release.json file. Does this work?


Rahul Mathew
August 31, 2017

re: Building a jQuery Plug-in to make an HTML Table scrollable

(intermediate value).getMilliseconds(...).ToString is not a function


Kashif
August 30, 2017

re: Accepting Raw Request Body Content with ASP.NET Web API

Excellent post, is there anything similar available for .net core.


Tyler Style
August 30, 2017

re: Web Browser Control & Specifying the IE Version

I am SO grateful to have found this article - the behaviour itself (much less the fix) is not detailed anywhere in the Microsoft documentation I went through, and I was about to beat my head in trying to get jQuery loading in the web app being displayed in my app's WebBrowser control.

Thanks very much indeed!!!


Hadi
August 29, 2017

re: Upgrading to .NET Core 2.0 Preview

i used services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) .AddJwtBearer(options => { options.Audience = "http://localhost:5000/"; options.Authority = "http://localhost:5000/"; options.TokenValidationParameters = tokenValidationParameters; });

but i don know it doesnt work , HttpContext.User.Claims is empty and my claims are not there, while it was working when the version vas 1.1.2


Rick Strahl
August 28, 2017

re: Using Let's Encrypt with IIS on Windows

You have to bind to a specific domain name so the site has to be set up with host headers and EACH host header has to have its own certificate. If you have existing bindings or a wildcart cert then it won't work.

Use LetsEncrypt-WinSimple and look at the list it produces and if it doesn't pick up your site it's not configured properly for Host Header/SNI/Bindings.


Rick Strahl
August 28, 2017

re: ASP.NET Core and CORS Gotchas

@Alex - works for me in .NET Core 2. Make sure you're not testing against a local address as CORS will not fire for it. It'll only generate headers for remote access.


James
August 28, 2017

re: Upgrading to .NET Core 2.0 Preview

Something else to keep in mind: Some people create libraries with embedded web content by first updating .csproj, setting Sdk="Microsoft.NET.Sdk.Web and <OutputTypeEx>library</OutputTypeEx>. As long as <PreserveCompilationContext>true</PreserveCompilationContext> is also set, you can also have TypeScript files compiled, along with .cshtml, and embed them as desired into a self contained library. The problem moving to 2.0 is this:

https://github.com/dotnet/cli/issues/6904

Someone added a new flag to block NuGet package generation on this Sdk setting (to fix this: https://github.com/aspnet/websdk/issues/150), and even if you select "Generate Nuget package on build", nothing will happen (tooling fail again lol). People should be aware they now have to add <IsPackable>true</IsPackable> also to those projects. Hope this helps someone! 😉

One last thing: If embedding content, and using .TS files, also add this: <IncludeContentInPack>false</IncludeContentInPack> to prevent .js.map and .js files from getting included in the .nuget package (a bug I think I found: https://github.com/aspnet/Home/issues/2166). 😉


Tyler
August 27, 2017

re: Using Let's Encrypt with IIS on Windows

I am not able to create a new SSL to my default SSL site.

My "Default Site" is listening to all http:80 requests on all addresses.

I tried setting up an SSL binding with SNI, and LetsEncrypt didn't pick up on it.

I created a default SSL site (was getting a warning in IIS) by creating an HTTPS binding on all IPs with no host name indicated.

This didn't work.

I tried creating a new site with SSL bindings to both the hostname and no hostname (both with all and single IPs), but this didn't work.

What could I be missing here?


Alex
August 24, 2017

re: ASP.NET Core and CORS Gotchas

Cors doesn't work for me anymore in dotnetcore 2.0. Used to work in 1.2


YipYip
August 21, 2017

re: Multi-Targeting and Porting a .NET Library to .NET Core 2.0

Painted myself into a corner and have just found your article.

Implementing legacy W/S with the associated DTO's & POCO's that NEED to come with the W/S.

What a nightmare .core debacle.

Finally somebody actually saying the elephant in the room that as you pointed out it was unusable in a real world enterprise scenario.

Cheers 😉


Forgotten
August 21, 2017

re: Updating Windows Applications and Installers for non-Admin Installation

For WIX fanboys, below is a simple WIX setup (to be copied into the Product.wxs file) to create a basic per-user MSI installer. All 'GUID' values should be unique GUIDs. Note that the 'RegistryValue' nodes are required for each item to be installed to have MSI install the item under %LocalAppData%.

<?xml version="1.0" encoding="UTF-8"?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
  <Product Id="GUID" Name="myapp" Language="1033" Version="1.0.0.0" Manufacturer="mycompany" UpgradeCode="GUID">
    <Package InstallerVersion="500" Compressed="yes" InstallScope="perUser"/>
    <MajorUpgrade DowngradeErrorMessage="A newer version of [ProductName] is already installed."/>
    <!-- Install requirements. -->
    <Condition Message="x64 version of Windows 8/Windows Server 2012 or later required.">VersionNT64 >= 602</Condition>
    <!-- Set installer's icon in 'Add/Remove Programs'. -->
    <Property Id="ARPPRODUCTICON" Value="myapp.ico"/>
    <!-- Embed all cabinet files. -->
    <MediaTemplate EmbedCab="yes"/>
    <Feature Id="ProductFeature" Title="myapp" Level="1">
      <ComponentGroupRef Id="ProductComponents"/>
    </Feature>
  </Product>
  <Fragment>
    <Directory Id="TARGETDIR" Name="SourceDir">
      <Directory Id="LocalAppDataFolder">
        <Directory Id="myappFolder" Name="myapp"/>
      </Directory>
      <Directory Id="ProgramMenuFolder">
        <Directory Id="myappFolder" Name="myapp"/>
      </Directory>
    </Directory>
  </Fragment>
  <Fragment>
    <ComponentGroup Id="ProductComponents" Directory="myappFolder">
      <Component Id="MainExecutable" Guid="GUID">
        <File Id="myappEXE" Source="..\myapp\bin\Release\myapp.exe" KeyPath="no" Checksum="yes">
          <Shortcut Id="startMenuShortcut" Directory="myappFolder" Name="myapp" WorkingDirectory='myappFolder' Icon="myapp.ico" IconIndex="0">
            <Icon Id="myapp.ico" SourceFile="..\myapp\myapp.ico"/>
          </Shortcut>
        </File>
        <RegistryValue Root="HKCU" Key="Software\myapp\myapp" Name="myapp.exe" Type="integer" Value="1" KeyPath="yes"/>
        <RemoveFolder Id="myappFolder" Directory="myappFolder" On="uninstall"/>
        <RemoveFolder Id="myappFolder" On="uninstall"/>
      </Component>
      <Component Id="MainExecutableConfig" Guid="GUID">
        <File Id="myappEXECONFIG" Source="..\myapp\bin\Release\myapp.exe.config" KeyPath="no"/>
        <RegistryValue Root="HKCU" Key="Software\myapp\myapp" Name="myapp.exe.config" Type="integer" Value="1" KeyPath="yes"/>
      </Component>
      <Component Id="SomeLibrary" Guid="GUID">
        <File Id="SomeDLL" Source="..\myapp\bin\Release\Some.dll" KeyPath="no"/>
        <RegistryValue Root="HKCU" Key="Software\myapp\myapp" Name="Some.dll" Type="integer" Value="1" KeyPath="yes"/>
      </Component>
    </ComponentGroup>
  </Fragment>
</Wix>

Majid
August 20, 2017

re: Bypassing IIS Error Messages in ASP.NET

Very helpful. But I think customErros is an Asp.net thing and not related to IIS.


Jan
August 20, 2017

re: Automating IIS Feature Installation with Powershell

Does anyone know, how to enable (IIS 6 Management Console, IIS 6 Scripting Tools, IIS 6 WMI Compatibility) using command line? This is for Windows 7 Enterprise 64 bit


Suvaberata
August 19, 2017

re: AngularJs and Promises with the $http Service

Deprecation Notice

The $http legacy promise methods .success and .error have been deprecated and will be removed in v1.6.0. Use the standard .then method instead.

— AngularJS (v1.5) $http Service API Reference -- Deprecation Notice.


Rajeev Ranjan Tiwary
August 17, 2017

re: Custom Message Formatting in WCF to add all Namespaces to the SOAP Envelope

Hi Rick,

Very Nice Article. Can you elaborate following lines:

There may be other ways to do this as well by subclassing or creating a separate interface and attaching that without explicitly changing the generated code, but either way you have to override what WCF generates.

Can you give us some examples explaining other ways to override? Because there's no point of applying to Reference.cs as you also mentioned "you lose the ability to re-generate the service".


Rick Strahl
August 17, 2017

re: Publishing and Running ASP.NET Core Applications with IIS

@Matthew - Yup in most cases it's not necessary to run under IIS, but as of Visual Studio 2017.3 you can use IIS for debugging.


Matthew
August 17, 2017

re: Publishing and Running ASP.NET Core Applications with IIS

Rick,

Thanks for writing the very helpful article. I was wasting a bunch of time trying to figure out how to debug under IIS with dotnet core and now realize it's not necessary.

Matthew


Andrew
August 16, 2017

re: Dell XPS 15 review

I have the high end version of the laptop. A costumer has it as well, exactly the same one as I have (two weeks newer). Both machines refused to turn on within the past two months. Despite all efforts to get things to work (the whole flea power issue many Dell laptops suffer from) nothing worked. This laptop has never even left my desk, and as always been taken care of properly.

This is the third time a Dell XPS laptop failed me, and the third time Dell offered no other solution other than me throwing cash at them. At this price-point I would expect a little bit more value for money. I travel around with a seven year old Samsung laptop which I even dropped down the stairs. It looks like crap, but works perfectly fine. That laptop cost me a fraction of what I paid for my Dell XPS. Needless to say, I am slightly done with Dell computers. And let's not even start talking about their customer service. The only service I found to be worse is that of Apple, which is equally over-priced.

I'll stick to my el-cheapo $1100 Samsung laptop until either I or it dies.


Marcel Slats
August 15, 2017

re: Adding minimal OWIN Identity Authentication to an Existing ASP.NET MVC Application

Finally found an article that does not direct me to the new project wizard to start a complete project without telling me what does what.

With this article I understand what's going on and how to handle the results without using the EF.

Excellent article, thanks.


Rick Strahl
August 15, 2017

re: Upgrading to .NET Core 2.0 Preview

@Roderic - good questions. According to Microsoft, they can figure out what's used and what's not and pull in only the packages that are actually referenced. Application level users will always target the whole framework - it's only in other libraries where I think you'll see potential for too much stuff pulled in.


Roderic
August 15, 2017

re: Upgrading to .NET Core 2.0 Preview

Hi Rick, thanks for the blogpost. What is your opinion for class libraries and package creators, should they still like in 1.1 minimize the dependencies they use or also use the Microsoft.AspNetCore.All opt-out. I'm leaning towards still minimizing, but it seems the .net core team is moving to the "just include all" mindset of the full framework. What do you think?


Rick Strahl
August 14, 2017

re: Upgrading to .NET Core 2.0 Preview

@Roman - the code was broken in the last preview. I updated it today with the RTM bits and it's working properly now along with the slightly changed syntax for setting up authentication.


Rick Strahl
August 14, 2017

re: Multi-Targeting and Porting a .NET Library to .NET Core 2.0

@Felix - that dropdown only controls what you see in the editor, not what the project is actually using for compilation. It's useful as you can edit code and see the appropriate Intellisense and error information in the editor, but it won't affect the build process for example when running tests.

For example, try changing the dropdown and then run a test that steps into code - if the platform specified in the .csproj file differs it'll always use what's in the .csproj file.


Felix
August 14, 2017

re: Multi-Targeting and Porting a .NET Library to .NET Core 2.0

@Rick - You and Stefan are talking of different things (look at his screenshot): he is talking about the dropdown box inside the editor while you are talking about the target framework dropdown box on the project property page.


Roman
August 13, 2017

re: Upgrading to .NET Core 2.0 Preview

Rick, does the user authentication work for you?

I'm trying to run the AlbumViewer project and unable to authenticate. Or rather, it authenticates fine, but the line HttpContext.User.Identity.IsAuthenticated in the AlbumViewerApiController.SaveAlbum method always returns false.

Help appreciated.