-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make enhanced nav much more conservative, and better handle redirections #50551
Conversation
ca01d7c
to
ac96696
Compare
// Matches MVC's MemoryPoolHttpResponseStreamWriterFactory.DefaultBufferSize | ||
var defaultBufferSize = 16 * 1024; | ||
await using var writer = new HttpResponseStreamWriter(httpContext.Response.Body, Encoding.UTF8, defaultBufferSize, ArrayPool<byte>.Shared, ArrayPool<char>.Shared); | ||
using var bufferWriter = new BufferedTextWriter(writer); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is separate from the rest of the PR, but I realised that RazorComponentResultExecutor
is inconsistent with RazorComponentEndpointInvoker
.
It's dangerous that we have two different implementations as they could be out of sync and not support the same features. And here in fact one of them was not using the new buffering solution. However I don't want to unpick all the complexities of unifying these code paths within this PR (and I think we likely should leave that for .NET 9), so I'm just changing RazorComponentResultExecutor
to use the same buffering technique as RazorComponentEndpointInvoker
. Longer term, we should unify the code.
Note that fixing this forced me to make some other unit test updates (see WaitForContentWrittenAsync
in this PR), as the unit tests were relying on content writes being completely synchronous.
public static string CreateProtectedRedirectionUrl(HttpContext httpContext, string destinationUrl) | ||
{ | ||
var protector = CreateProtector(httpContext); | ||
var protectedUrl = protector.Protect(destinationUrl, TimeSpan.FromSeconds(10)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The time needs to be configurable
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great!
Especially happy with the thoroughness of the E2E tests
50c2f98
to
545d786
Compare
…d nav external redirections, now as opaque URL
545d786
to
d72681b
Compare
This looks like too much magic for something that should have been be a simple Is there anyway to prevent enhance nav on rc1? |
Hi @Bartmax. It looks like you just commented on a closed PR. The team will most probably miss it. If you'd like to bring something important up to their attention, consider filing a new issue and add enough details to build context. |
Yes, just set it to false at the root level (e.g., on your For POST requests it's always set on a per-form basis (defaulting to off) because it would be unsafe to assume that all forms in general should use enhanced posts (e.g., they may not even target a Blazor endpoint). |
This PR makes enhanced navigation/forms much more conservative:
data-enhance-nav
attribute in HTML.data-enhance
to the form element orEnhance
if it's anEditForm
(they're equivalent). This is nonhierarchical since it's not desirable to enable this globally.no-cors
on the fetch request, so it should now be impossible to receive content from an external origin (and it falls back on retrying as a full-page load for GET, or an error with a clear message for POST).fetch
normally would. As of this PR, the URL is data protected so all the client can do is navigate to an endpoint that issues a real 302 to the real URL. As such JS no longer has access to any more info than it normally would with afetch
.With all this, it should be much less likely for enhanced nav/redirections to run into incompatibility issues. And much easier for developers to disable it for whole regions in the UI if they want.