github-actions[bot]
commented
10 months ago 🎉🥳 Happy New Year! 💃🕺
A green dinosaur 🦖 will be along shortly to assist. Stand-by ........
Closed GStoynev closed 9 months ago
github-actions[bot]
commented
10 months ago A green dinosaur 🦖 will be along shortly to assist. Stand-by ........
guardrex
commented
10 months ago Hello @GStoynev ... That's true because I've been busy with other high priority updates and the engineers haven't said much explicitly about static SSR and BWA auth. I'll ping them to take a look and see if they want to add or change anything.
guardrex
commented
10 months ago I'm composing an email now to see how Artak wants to triage this issue. UPDATE: Done! ... We should get some feedback from one or more engineers shortly.
guardrex
commented
9 months ago Well ... so much for that email message 🙈😆.
I'll ping @MackinnonBuck ...
Mackinnon, the question is if guidance on the establishment of the SignalR connection should now add a qualifier expression, such as going from a statement like ...
Server-side Blazor operates over a SignalR connection with the client.
... to ...
Interactively-rendered server-side Blazor operates over a SignalR connection with the client.
I propose to sweep the whole doc set, analyze all of our "SignalR connection"-phrased guidance, and update those spots for 8.0+ to say that either it's for interactive SSR or not for static SSR, depending on the context of the remark.
Does that sound about right?
guardrex
commented
9 months ago I just chatted with Mackinnon on it offline ... and the answer is ............. 🥁🥁🥁🥁🥁🥁 roll plz ......................
Yes! ... We do want to do this around the doc set when referring to the SignalR connection. I'll see if I can square this away right now.
guardrex
commented
9 months ago Unfortunately tho, I'll likely only address it in the one spot because this sort of update must be assessed on a line-by-line, case-by-case basis, and there are several hundred lines that refer to both "server-side Blazor" and "SignalR". I'm buried in 8.0 doc work for as far as the eye can see. I don't have time to analyze every case right now. I'll keep an 👁️ out as I work on individual topics. For this issue, I'll fix it for the line you called out.
guardrex
commented
9 months ago However, I think I can address it broadly via the INCLUDE file that I'm using. I need to make an update there anyway because it focuses on interactive SSR, and it really shouldn't. It should say static SSR code execution is also server/server-side. While I'm making that change, I can make it say that the interactive SSR operates over a SignalR connection.
guardrex
commented
9 months ago One final note ... more work is coming in the area of security for BWAs. I've been putting out fires 🔥🚒 ever since release, but I'll eventually have more time to assess and update the Blazor server-side auth docs, including dealing with additional guidance on static SSR Identity components.
Description
In the section "Server-side Blazor authentication", the documentation doesn't adequately help with static SSR, IMO. I hope you guys can improve a bit. Thanks
Page URL
https://learn.microsoft.com/en-us/aspnet/core/blazor/security/?view=aspnetcore-8.0
Content source URL
https://github.com/dotnet/AspNetCore.Docs/blob/main/aspnetcore/blazor/security/index.md
Document ID
1247ee64-fbc9-ce29-0710-f6e59380f5ee
Article author
@guardrex