Here’s a summary of what’s new in this preview release:

• Improved ASP.NET Core debugging experience
• Servers & middleware
  • IHttpSysRequestTimingFeature
  • SNI hostname in ITlsHandshakeFeature
  • IExceptionHandler
• Blazor
  • New Blazor Web App project template
  • Blazor router integration with endpoint routing
  • Enable interactivity for individual components with Blazor Server
  • Improved packaging of Webcil files
  • Blazor Content Security Policy (CSP) compatibility
• API authoring
  • Support for generic attributes
• SignalR
  • SignalR seamless reconnect
• Native AOT
  • Support for AsParameters and automatic metadata generation in compile-timed generated minimal APIs
• Authentication and authorization
  • Authentication updates in ASP.NET Core SPA templates
  • New analyzer for recommended AuthorizationBuilder usage
   

These are the customer-reported issues addressed in 15.9.4:

• Visual Studio 15.9 duplicate loads open files on solution reload.
• All users can now connect to on-premise TFS servers through Team Explorer.
• Visual Studio 15.8.3 no longer expands metadata in ItemDefinitionGroup for project-defined items during GUI builds (worked in Visual Studio 15.8.2).
• Visual Studio has multiple tabs for the same file.
• System.ArgumentException: The parameter is incorrect. (Exception from HRESULT: 0x80070057 (E_INVALIDARG)).
• LNK4099 PDB not found.
• Asset Catalog empty.
• /analyze fails for C++ code using /ZW.
• C++ compiler code optimization bug.
• Xamarin.iOS can't select image asset for Image View.
• iOS projects referencing a shared project containing image assets in an asset catalog fail to load on windows.
• Image not populating on iOS splashscreen in VS 15.8.6.
• Possible bad codegen on union/bitfield assignment in VS2017 15.8.
• Fix C# UWP Store 1201 Submission Issue.
• Fix C# UWP package creation error APPX1101: Payload contains two or more files with the same destination path 'System.Runtime.CompilerServices.Unsafe.dll'.
• Error MT2002: Failed to resolve 'System.Runtime.CompilerServices.AsyncValueTaskMethodBuilder' reference from 'System.Threading.Tasks.Extensions...'" when building a Xamarin.iOS project.
• Redirecting to a relative url doesn't work when using AndroidClientHandler.
• Debug information for typedefs of unnamed enums compiled with the C compiler is now restored.
• The spectre-mitigated x86 version of delayimp.lib is now built with /Qspectre mitigations enabled.
• Changes were made to how Asset Catalogs in Xamarin.iOS projects are loaded in order to reduce solution load time.
• We have updated Xamarin.Forms templates to use the latest version.
• We have fixed an issue with ASP.NET Core Web Applications being debugged through Kestrel that would show the error message "Unable to configure HTTPS endpoint. No server certificate was specified...".
• Enabling the AppInsights site extension in App Service from Visual Studio now happens through the use of specific Application Settings.

Security Advisory Notices

• An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles certain file operations. 

A series of talks and discussions at CERN in celebration of the web’s 30th anniversary. 

Bringing WebAssembly to the .NET Mainstream - Steve Sanderson, Microsoft

Many developers still consider WebAssembly to be a leading-edge, niche technology tied to low-level systems programming languages. However, C# and .NET (open-source, cross-platform technologies used by nearly one-third of all professional developers [1]) have run on WebAssembly since 2017. Blazor WebAssembly brought .NET into the browser on open standards, and is now one of the fastest-growing parts of .NET across enterprises, startups, and hobbyists. Next, with WASI we could let you run .NET in even more places, introducing cloud-native tools and techniques to a wider segment of the global developer community. This is a technical talk showing how we bring .NET to WebAssembly. Steve will demonstrate how it runs both interpreted and AOT-compiled, how an IDE debugger can attach, performance tradeoffs, and how a move from Emscripten to WASI SDK lets it run in Wasmtime/Wasmer or higher-level runtimes like wasmCloud. Secondly, you'll hear lessons learned from Blazor as an open-source project - challenges and misconceptions faced bringing WebAssembly beyond early adopters. [1] StackOverflow survey 2021 

 It’s a library. And therefore you can attach any javascript library of your choice as add-ons

State Management is more flexible

JSX syntax blends well together with javascript

Faster learning curve

Modern Web Development is challenging and the way we develop web apps are now different than before

You can reuse components effortlessly because they’re all just pure functions

و تگ پایانی آن : 

نکته مهم در استفاده از این تگ ، ویژگی Permissions آن است که باید با دقت و بسته به نیاز شما تعریف شود :

برخی از این موارد عبارتند از : 

EmptyMask – Has no permissions on the Web site. Not available through the user interface.

ViewListItems – View items in lists, documents in document libraries, and view Web discussion comments.

AddListItems – Add items to lists, add documents to document libraries, and add Web discussion comments.

EditListItems – Edit items in lists, edit documents in document libraries, edit Web discussion comments in documents, and customize Web Part Pages in document libraries.

DeleteListItems – Delete items from a list, documents from a document library, and Web discussion comments in documents.

ApproveItems – Approve a minor version of a list item or document.

OpenItems – View the source of documents with server-side file handlers.

ViewVersions – View past versions of a list item or document.

DeleteVersions – Delete past versions of a list item or document.

CancelCheckout – Discard or check in a document which is checked out to another user.

ManagePersonalViews – Create, change, and delete personal views of lists.

ManageLists – Create and delete lists, add or remove columns in a list, and add or remove public views of a list.

ViewFormPages – View forms, views, and application pages, and enumerate lists.

Open – Allow users to open a Web site, list, or folder to access items inside that container.

ViewPages – View pages in a Web site.

AddAndCustomizePages – Add, change, or delete HTML pages or Web Part Pages, and edit the Web site using a SharePoint Foundation–compatible editor.

ApplyThemeAndBorder – Apply a theme or borders to the entire Web site.

ApplyStyleSheets – Apply a style sheet (.css file) to the Web site.

ViewUsageData – View reports on Web site usage.

CreateSSCSite – Create a Web site using Self-Service Site Creation.

ManageSubwebs – Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites.

CreateGroups – Create a group of users that can be used anywhere within the site collection.

ManagePermissions – Create and change permission levels on the Web site and assign permissions to users and groups.

BrowseDirectories – Enumerate files and folders in a Web site using Microsoft Office SharePoint Designer 2007 and WebDAV interfaces.

BrowseUserInfo – View information about users of the Web site.

AddDelPrivateWebParts – Add or remove personal Web Parts on a Web Part Page.

UpdatePersonalWebParts – Update Web Parts to display personalized information.

ManageWeb – Grant the ability to perform all administration tasks for the Web site as well as manage content. Activate, deactivate, or edit properties of Web site scoped Features through the object model or through the user interface (UI). When granted on the root Web site of a site collection, activate, deactivate, or edit properties of site collection scoped Features through the object model. To browse to the Site Collection Features page and activate or deactivate site collection scoped Features through the UI, you must be a site collection administrator.

UseClientIntegration – Use features that launch client applications; otherwise, users must work on documents locally and upload changes.

UseRemoteAPIs – Use SOAP, WebDAV, or Microsoft Office SharePoint Designer 2007 interfaces to access the Web site.

ManageAlerts – Manage alerts for all users of the Web site.

CreateAlerts – Create e-mail alerts.

EditMyUserInfo – Allows a user to change his or her user information, such as adding a picture.

EnumeratePermissions – Enumerate permissions on the Web site, list, folder, document, or list item.

FullMask – Has all permissions on the Web site. Not available through the user interface.

حال خارج از تگ‌های SPSecurityTrimmedControl در ابتدا یا انتها ، باید تگ login را مانند زیر به آن اضافه کرد . 

و تمام : 

موفق باشید 

Full stack web in .NET 8 with Blazor | OD116

#MSBuild
Learn how ASP.NET Blazor in .NET 8 allows you to use a single powerful component model to handle all of your web UI needs, including server-side rendering, client-side rendering, streaming rendering, progressive enhancement, and much more! 

Security is one of the most important aspects of any application – and when we talk about security, particularly in ASP.NET applications, it is not limited to development. A secure app involves multiple layers of security in the configuration, framework, web server, database server, and more. In this post, we’ll take a look at the top nine tips for writing secure applications in ASP.NET.