To enable custom handling of antiforgery validation failures, use an
`AntiforgeryValidationFailedResult` which is just a `BadRequestResult`
but allows to be identified explicitly inside always-running result
filters using the `IAntiforgeryValidationFailedResult` marker interface.
If another handler modifies the request headers the modified headers get
applied on subsequent requests, which is not correct. This change copies
the headers before sending the request and uses the original headers for
the redirect request instead of the potentially modified ones.
Do not provide compilation references from runtime MVC assemblies. This avoids cases where the app is compiled
against an older MVC but running against a newer one (e.g. shared fx roll forward) resulting in compiling against multiple
versions of MVC assemblies
Fixes#7969
* Allow controller and Razor Page models to be annotated with BindPropertiesAttribute
* Disallow BindPropertyAttribute from being declared on types.
* Do not allow arbitrary binding attributes to be applied to Razor Page models.
Fixes#7686
Allow properties on controllers, Razor Page and Razor Page models annotatted with [ViewDataAttribute]
to populate ViewDataDictionary
Fixes https://github.com/aspnet/Mvc/issues/6525
Infers the 'empty' model prefix for complex types that are read from the value
providers. This gives us better defaults when using the parameter object
pattern with respect to swagger/API explorer.
* Clean up unnecessary workarounds on the build project.
* Remove the need to specify the content root relative to the solution
and use a solution based on an assembly level attribute on the test
assembly created at build time.
* Remove non parameterless constructors.
* Add support for creating specialized factories from the base factory
and keep track of "child" factories for disposal.
* Add support for creating clients that handle cookies and redirects
automatically.
* Detect a ConfigureDefaultBuilder static method on Program.cs of the test site
and use it to initialize the IWebHostBuilder instance that we configure for testing.
* Make use of the new service configuration extensibility points in Hosting to override
services for testing.
* Get rid of MvcWebApplicationBuilder and move MVC specific methods into extension methods.
- relates to #4445
- also relates to #4309 / fb07fee though restored and renamed files are slightly different
- latest Unobtrusive version; copy just one file under `wwwroot`
- add JavaScript file and CDN links to enable manual testing of `[Remote]` tests in `BasicWebSite`
- include renamed files for recreating the minimized JavaScript file manually
- #4339: remove non-recommended JSON formatter constructors
- affects `JsonInputFormatter`, `JsonOutputFormatter`, `JsonPatchInputFormatter`
- `JsonOutputFormatter` cleanup also impacts `JsonHelper`
- rename and make `SerializerSettingsProvider` class public; use it as appropriate
- #4409: make `SerializerSetings` properties get-only and `protected`
- affects `JsonInputFormatter`, `JsonOutputFormatter`
Recommended patterns:
- change `JsonSerializerSettings` values in `MvcJsonOptions` for almost all customizations
- find `JsonOutputFormatter` in `MvcOptions.OutputFormatters` when limiting per-result formatters
- start with `JsonSerializerSettingsProvider.CreateSerializerSettings()` when customizing a per-result formatter
Patrick Westerhoff
James Newton-King
Pranav K
Javier Calvarro Nelson
Kiran Challa
Ryan Nowak
Ryan Brandenburg
Steve Sanderson
N. Taylor Mullen
Jass Bagga
Doug Bunting
Derek Gray