ارتقاء به ASP.NET Core 3.0
نام بستهی npm سمت کلاینت مخصوص SignalR Core که در ابتدا aspnet/signalr-client@ بود و بعد شد aspnet/signalr@، از این پس microsoft/signalr@ شدهاست!
npm install @microsoft/signalr --save
ارتقاء به ASP.NET Core 3.0
نام بستهی npm سمت کلاینت مخصوص SignalR Core که در ابتدا aspnet/signalr-client@ بود و بعد شد aspnet/signalr@، از این پس microsoft/signalr@ شدهاست!
npm install @microsoft/signalr --save
.NET Core 2.1.0 (along with ASP.NET Core and Entity Framework Core) will be released around May 30th, but for folks who can't wait until then and would like to get their hands on the bits a little early, read on!
یک نکتهی تکمیلی
متد IsAjaxRequest و ویژگی AjaxOnly در ASP.NET Core، یک چنین تعاریفی را پیدا میکنند:
متد IsAjaxRequest و ویژگی AjaxOnly در ASP.NET Core، یک چنین تعاریفی را پیدا میکنند:
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Mvc.Abstractions;
using Microsoft.AspNetCore.Mvc.ActionConstraints;
using Microsoft.AspNetCore.Routing;
namespace WebToolkit
{
public static class AjaxExtensions
{
private const string RequestedWithHeader = "X-Requested-With";
private const string XmlHttpRequest = "XMLHttpRequest";
public static bool IsAjaxRequest(this HttpRequest request)
{
return request?.Headers != null && request.Headers[RequestedWithHeader] == XmlHttpRequest;
}
}
public class AjaxOnlyAttribute : ActionMethodSelectorAttribute
{
public override bool IsValidForRequest(RouteContext routeContext, ActionDescriptor action)
{
return routeContext.HttpContext.Request.IsAjaxRequest();
}
}
} - این مطلب را هم مطالعه کنید: «مدیریت مرکزی شماره نگارشهای بستههای NuGet در پروژههای NET Core.»
+ شماره نگارش MSBuild/ویژوال استودیوی لازم برای دات نت 7، حتما باید 17.4 باشد یا از Rider استفاده کنید.
This article explains how to update an existing ASP.NET Core 2.2 project to ASP.NET Core 3.0.
Reintroducing ASP.NET Core 1.0 and .NET Core 1.0
ASP.NET 5 is now ASP.NET Core 1.0.
.NET Core 5 is now .NET Core 1.0.
Entity Framework 7 is now Entity Framework Core 1.0 or EF Core 1.0 colloquially.
Security Advisory Notices
CVE-2019-1077 Visual Studio Extension Auto Update Vulnerability
An elevation of privilege vulnerability exists when the Visual Studio Extension auto-update process improperly performs certain file operations. An attacker who successfully exploited this vulnerability could delete files in arbitrary locations. To exploit this vulnerability, an attacker would require unprivileged access to a vulnerable system. The security update addresses the vulnerability by securing locations the Visual Studio Extension auto-update performs file operations in.
CVE-2019-1075 ASP.NET Core Spoofing Vulnerability
A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect. An attacker who successfully exploited the vulnerability could redirect a targeted user to a malicious website. To exploit the vulnerability, an attacker could send a link that has a specially crafted URL and convince the user to click the link.
The security update addresses the vulnerability by correcting how ASP.NET Core parses URLs. Details can be found in the .NET Core release notes.
CVE-2019-1113 WorkflowDesigner XOML deserialization allows code execution
A XOML file referencing certain types could cause random code to be executed when the XOML file is opened in Visual Studio. There is now a restriction on what types are allowed to be used in XOML files. If a XOML file containing one of the newly unauthorized types is opened, a message is displayed explaining that the type is unauthorized.
For further information, please refer to https://support.microsoft.com/en-us/help/4512190/remote-code-execution-vulnerability-if-types-are-specified-in-xoml.
ASP .NET Core 3.1 A-Z ebook cover
You can find the complete ebook on GitHub using one of the links below:
In this post, let's go through another feature that got introduced to ASP.NET Core in .NET 6 Preview 4. That is Async Streaming.
