* Fix use of precedence in endpoint routing DFA
Fixes: #18677Fixes: #16579
This is a change to how sorting is use when building endpoint routing's graph of
nodes that is eventually transformed into the route table. There were
bugs in how this was done that made it incompatible in some niche
scenarios both with previous implementations and how we describe the
features in the abstract.
There are a wide array of cases that might have been impacted by this
bug because routing is a pattern language. Generally the bugs will involve a
catch-all, and some something that changes ordering of templates.
Issue #18677 has the simplest repro for this, the following templates
would not behave as expected:
```
a/{*b}
{a}/{b}
```
One would expect any URL Path starting with `/a` to match the first
route, but that's not what happens.
---
The root cause of this bug was an issue in how the algorithm used to be
build the DFA was designed. Specifically that it uses a BFS to build the
graph, and it uses an up-front one-time sort of endpoints in order to
drive that BFS.
The building of the graph has the expectation that at each level, we
will process **all** literal segments (`/a`) and then **all** parameter
segments (`/{a}`) and then **all** catch-all segments (`/{*a}`). Routing
defines a concept called *precedence* that defines the *conceptual*
order in while segments types are ordered.
So there are two problems:
- We sort based on criteria other than precedence (#16579)
- We can't rely on a one-time sort, it needs to be done at each level
(#18677)
---
The fix is to repeat the sort operation at each level and use precedence
as the only key for sorting (as dictated by the graph building algo).
We do a sort of the matches of each node *after* building the
precedence-based part of the DFA, based on the full sorting criteria, to
maintain compatibility.
* Add test
* Use the default pipe options for backpressure
- This controls memory so clients aren't easily overwhelmed. With the changes made to Pipe to no longer throw if the pause threshold is exceeded makes this work well.
- Remove PipeReaderFactory
- Implement cancellation in SSE
Contributes to #17797
* Fix TimerAwaitable rooting
- This fixes an issue where components that use timer awaitable currently need to be explicitly stopped and disposed for it to be unrooted. This makes it possible to write a finalizer.
* Add support for listening to arbitrary endpoints
- This adds support for kestrel using arbitrary transports with any endpoint. This lets the consumer set an endpoint that flows all the way to the transport.
- Added tests
* Update src/Servers/Kestrel/Core/src/KestrelServerOptions.cs
Co-Authored-By: Chris Ross <Tratcher@Outlook.com>
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Fixes and improvements for dotnet-dev-certs:
* Revamps the HTTPS developer certificate tool implementation.
* It accumulated a lot of cruft during the past few years and that has made making changes harder.
* Separated the CertificateManager implementation into different classes per platform.
* This centralizes the decision point of choosing a platform in a single place.
* Makes clear what the flow is for a given platform.
* Isolates changes needed for a given platform in the future.
* Moved CertificateManager to a singleton
* No more statics!
* Updates logging to use EventSource
* We didn't have a good way of performing logging as the code is shared and must run in multiple contexts and the set of dependencies need to be kept to a minimum.
* Adding ETW allow us to log/monitor the the tool execution and capture the logs with `dotnet trace` without having to invent our own logging.
* We can decide to write an EventListener in `dotnet-dev-certs` to write the results to the console output.
* Updates the way we handle the dev-cert in Mac OS to use the security tool to import the certificate into the store instead of using the certificate store.
* Fixing QueryCollection property documentation
* Update src/Http/Http/src/QueryCollection.cs
Co-Authored-By: Chris Ross <Tratcher@Outlook.com>
Co-authored-by: Sourabh Shirhatti <shirhatti@outlook.com>
Co-authored-by: Chris Ross <Tratcher@Outlook.com>
* Don't re-use DefaultHttpContext if IHttpContextAccessor is in use
- Consumers may still get null or an ODE but will never end up with data from a different request.
- Make sure an ODE is thrown from all properties on HttpContext after the request is over.
* Consolidated similar tests in a theory
* Fix for InvalidOperationException when reached maxAllowedErrors and there are more items left then max depth
* Refactored Visitor logic to reduce the risk of a missing Pop.
* Added comment on when it can throw
* Updated reference assembly
* Reverted publid API change
* Print disk usage
* Try again
* Disk util part3
* dont look at /tmp
* Remove max-depth
* Add disk usage stats to all non-windows platforms
* Disable Ubuntu quarantined test step
* Apply suggestions from code review
- Make thingies worky on macOS
* Update .azure/pipelines/jobs/default-build.yml
* Undo skip of qurantined test run
* Update .azure/pipelines/jobs/default-build.yml
- do not reference directory that doesn't exist
* Update .azure/pipelines/jobs/default-build.yml
- reduce noise in Mac disk utilization output
Co-authored-by: Doug Bunting <6431421+dougbu@users.noreply.github.com>
Without this change, RedirectHandler always follows MaxRedirects + 1. If MaxRedirects was initially set to 1, the body of the while statement is executed twice. This defect expresses itself when calling WebApplicationFactory<Startup>.CreateClient() with WebApplicationFactoryClientOptions.MaxAutomaticRedirections >= 1 and .AllowAutoRedirects = true in integration tests.
* Add overloads to CookieAuthentication to config options with services
* Update reference assembly
* Use the new method in sampple
* Add overloads for other authentication providers
* Update ref assemblies
* Change IServiceProvider to TService
This test failed overnight on linux. The part that failed was checking the exit code
of `kill` which is a little surprising. This implies that `kill` itself was also
forcibly killed - so we're increasing the timeout before we kill `kill`. 👍
* Always generate checksums as last part of publish job
* Initialize props correctly
* Fix wildcard
* Import Arcade SDK
* Add NoWarn MSB4011
* Make import conditional on GenerateChecksums
* Select specific files to checksum
* Respond to feedback
* AfterTargets -> BeforeTargets
Ryan Brandenburg
Christian Wenz
Ben Adams
Brennan
Hao Kung
John Luo
George
Martin Costello
Ryan Nowak
Doug Bunting
David Fowler
Brice Lambson
James Newton-King
Pranav K
Safia Abdalla
Daniel Eisterhold
Scott Addie
Javier Calvarro Nelson
Sébastien Ros
WuYafeng
Stephen Halter
William Godbe
Alessio Franceschelli
N. Taylor Mullen
Wayne Adams
Thomas Levesque
Helgevold Consulting, LLC
Günther Foidl
Jan Joneš
TeBeCo
Michiel van Wessem
Alexey Ananyev
github-actions[bot]
Chris Oliver
Kahbazi
Kevin Pilch
Adam Sitnik
Andrew Stanton-Nurse
Justin Kotalik