Handcrafted, AI-free blog posts about DevOps, DevSecOps, application security, web development, Azure and similar topics
The post discusses the implementation of a CSV export feature in an application with an ASP.NET Core Web API backend and a React frontend. The author used the CsvHelper library for creating the CSV file. The post details the construction and functions of various classes and methods, crucial for successful export. A key mention is the axios for requests and the correct setting of response type.
This post is about the integration of SonarCloud analysis in Azure DevOps YAML pipelines starting from a basic scenario that analyzes a repository containing a .NET Core 7 solution and ending up with a more complex scenario that analyzes a repository that additionally contains a React application and Terraform files.
Recently I faced the following problem: a React (v18.2.0) frontend application that uses axios (v1.3.6) to fetch data from an ASP.NET Core Web API did not behave as expected when it comes to deserialization of JSON datetimes to Typescript type Date.
A colleague at work is currently working on a prototype for Azure OpenAI Services integration. He deployed the prototype application directly from Azure OpenAI Studio to an Azure App Service. When he tried to access the application for the first time, he received the following error message. Authentication Not ConfiguredThis app does not have authentication... Continue Reading →
A few months ago, a colleague at work approached me and asked me about the easiest way to create release notes for a past release in Azure DevOps. Note that the CI/CD process in this case is implemented using Azure DevOps YAML pipelines. There are of course different approaches to solve this challenge. Some of... Continue Reading →
I recently implemented ASP.NET Core integration tests in a project I am working on. I have followed the official documentation, which was extremely helpful. The system under test (SUT) is an ASP.NET Core Web API (.NET 7) implementing backends for frontends (BFF) pattern. To follow security best practices we enabled HTTPS redirection in all stages... Continue Reading →
In a report of a penetration test, a finding was listed that criticized the disclosure of detailed error messages that provide information about the technology used for the implementation. Concretely, the finding was about error messages returned in responses from a .NET Core Web API to requests with an incorrect body. Due to the incorrect... Continue Reading →
When working with Azure Monitor alerts that trigger email notifications, there is a tiny little detail to consider to make sure the email notifications get delivered as expected. But let's first have a look at the setup of an Azure Monitor alert. In my case, I set up an Azure Monitor metric alert and action... Continue Reading →
Lately I nearly got crazy when working with Visual Studio Credential in ASP.NET Web API project. For Test, Int and Prod environments I usually use Managed Identity and for local development I prefer using Visual Studio Credential for i.e. accessing Azure Key Vault or Azure Storage Account services. In this example, access key authentication is... Continue Reading →
To test a certain use case in the context of the integration of an application with AAD B2C I wanted to change the User Principal Name (UPN) of a user. The UPN corresponds to the username and email address of a user. First, I tried changing the UPN directly through the Azure Portal by switching... Continue Reading →
blog.rufer.be 