- #3215
- add new accessor properties to `IModelBindingMessageProvider` and plumb them through
- use in `ModelStateDictionary` when handling a `FormatException` or `OverflowException`
- use in `ValidationHelpers` when handling a `ModelError` with `null` `ErrorMessage`
- add new `ModelExplorer` parameter to `IHtmlGenerator.GenerateValidationMessage()`
- plumb through to `ValidationHelpers.GetModelErrorMessageOrDefault()`
Started from work @kichalla did on the `kiran/movemessages-to-messageprovider` branch in #3775.
nits:
- use helper methods more consistently in `HtmlHelper<T>`; slightly improves error checking
- remove unused `Resources` class from `Microsoft.AspNet.Mvc`
- make `ValidationHelpers` class `public`; already in `.Internal` namespace
- split `GetUserErrorMessageOrDefault()` in two; rename to `GetModelErrorMessageOrDefault()`
- fix some #YOLO wrapping
- aspnet/Razor#643 part 2: react to aspnet/Razor#653
- change test calls and delegates to include new parameter
- add tests specifically of the new feature
- add tag helpers using new feature to `TagHelpersTest` functional test
- note `HtmlEncoder`s used elsewhere e.g. in other `RazorPage` instances are unaffected
- i.e. changing one `RazorPage.HtmlEncoder` property only affects C# expressions in that page
Also simplify scope management, removing bizarre assertion when user does something odd.
nits:
- correct `// Act` and `// Act & Assert` content
- remove #YOLO wrapping
- #3386
- initialize comparison `HashSet` with unencoded values to ensure both are checked
- address perf and correctness issues in this code
- `context.Items[typeof(SelectTagHelper)]` entry read as `ICollection` but written as `IReadOnlyCollection`
- `IReadOnlyCollection` worse because it does not include `Contains()`, causing Linq use
- every `<option>` element recalculated the encoded values and created a `HashSet` to contain them
- add `CurrentValues` type to cache this `HashSet` in `context.Items`
- each `OptionTagHelper` created the additional `HashSet` even if `Value` was bound
This change adds a list of ApiRequestFormat objects to ApiDescription
object which include the content type and formatter for each supported
content type which can be understood by the action.
Computation is aware of the [Consumes] attribute via the
IApiRequestMetadataProvider metadata interface, and aware of Input
Formatters via the new IApiRequestFormatMetadataProvider interface.
This algorithm is essentially the same as what we do for
produces/output-formatters. We iterate the filters and ask them what
content types they think are supported. Then we cross check that list with
the formatters, and ask them which from that list are supported. If no
[Consumes] filters are used, the formatters will include everything they
support by default.
This feature and data is only available when an action has a [FromBody]
parameter, which will naturally exclude actions that handle GET or DELETE
and don't process the body.
- Validated that each of `TagHelperSample.Web`s sites work properly.
- Found that the `ConditionalCommentTagHelper` page wasn't working as intended due to never being updated after `TagHelperContent` encoding changes.
- Added content verification for the `TagHelper/ConditionalComment` endpoint only since it's static HTML.
#3530
Calling Flush[Async]() on the writer will NOT flush the stream.
Calling Flush[Async]() in Razor will flush both the writer and the stream.
Our normal flow will be to flush the writer, but not the stream. This
avoids chunking, but allows us to do a WriteAsync on the stream as part of
the call to FlushAsync. This is done to avoid a synchronous write due to
Dispose calling Flush on the writer, which needs to call Write on the
stream.
See issue for extensive background.
Adds the concept of an IAntiforgeryPolicy marker interface as well as
the ability to overide policy with a 'closer' filter.
Adds a new [IgnoreAntiforgeryToken] attribute for overriding a scoped
antiforgery policy.
Adds a new [AutoValidateAntiforgeryToken] attribute (good name tbd) for
applying an application-wide antiforgery token. The idea is that you can
configure this as a global filter if your site is acting as a pure
browser-based or 1st party SPA. This new attribute only validates the
token for unsafe HTTP methods, so you can apply it broadly.
- Check MVC services once at startup
- Make action selector sync
We've never really had a scenario for the action selector being async, it
just ended up that way. None of our extensibility here lets you do
anything async without replacing it wholesale, which we don't
recommend.
N. Taylor Mullen
Pranav K
Brennan
Ajay Bhargav Baaskaran
Ryan Nowak
Doug Bunting
Derek Gray
ryanbrandenburg
John Luo
jacalvar
Pavel Krymets