From c8b8e34ad22077628eb588878b75a36bc7c9f5a6 Mon Sep 17 00:00:00 2001 From: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com> Date: Thu, 24 Aug 2023 12:22:42 -1000 Subject: [PATCH 1/2] Update identity.md Fixes #30142 --- aspnetcore/security/authentication/identity.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/aspnetcore/security/authentication/identity.md b/aspnetcore/security/authentication/identity.md index 9e3d2a8cdd8a..9c2c6266e034 100644 --- a/aspnetcore/security/authentication/identity.md +++ b/aspnetcore/security/authentication/identity.md @@ -244,7 +244,8 @@ To prevent publishing static Identity assets (stylesheets and JavaScript files f ## Next Steps * [ASP.NET Core Identity source code](https://github.com/dotnet/aspnetcore/tree/main/src/Identity) -* [How to work with Roles in ASP.NET Core Identity](https://www.yogihosting.com/aspnet-core-identity-roles/) +* [How to work with Roles in ASP.NET Core Identity](https://www.yogihosting.com/aspnet-core-identity-roles/) + * See [this GitHub issue](https://github.com/dotnet/AspNetCore.Docs/issues/5131) for information on configuring Identity using SQLite. * [Configure Identity](xref:security/authentication/identity-configuration) * From bb6d72c07a6aaee75edb0accb26732cbc6a6aa8a Mon Sep 17 00:00:00 2001 From: Tom Dykstra Date: Thu, 24 Aug 2023 16:23:41 -0700 Subject: [PATCH 2/2] http3 not enabled by default (#30146) --- .../fundamentals/servers/kestrel/endpoints.md | 2 +- aspnetcore/fundamentals/servers/kestrel/http3.md | 15 ++++++++++++--- aspnetcore/grpc/troubleshoot.md | 2 +- aspnetcore/release-notes/aspnetcore-8.0.md | 11 ----------- 4 files changed, 14 insertions(+), 16 deletions(-) diff --git a/aspnetcore/fundamentals/servers/kestrel/endpoints.md b/aspnetcore/fundamentals/servers/kestrel/endpoints.md index 9fcc8c44fb13..ebd7116b1e6c 100644 --- a/aspnetcore/fundamentals/servers/kestrel/endpoints.md +++ b/aspnetcore/fundamentals/servers/kestrel/endpoints.md @@ -528,7 +528,7 @@ TLS is required to support more than one HTTP version. The TLS [Application-Laye | `Http1AndHttp2` | HTTP/1.1 and HTTP/2. HTTP/2 requires the client to select HTTP/2 in the TLS [Application-Layer Protocol Negotiation (ALPN)](https://tools.ietf.org/html/rfc7301#section-3) handshake; otherwise, the connection defaults to HTTP/1.1. | | `Http1AndHttp2AndHttp3` | HTTP/1.1, HTTP/2 and HTTP/3. The first client request normally uses HTTP/1.1 or HTTP/2, and the [`alt-svc` response header](xref:fundamentals/servers/kestrel/http3#alt-svc) prompts the client to upgrade to HTTP/3. HTTP/2 and HTTP/3 requires TLS; otherwise, the connection defaults to HTTP/1.1. | -The default protocol value for an endpoint is `HttpProtocols.Http1AndHttp2AndHttp3`. +The default protocol value for an endpoint is `HttpProtocols.Http1AndHttp2`. TLS restrictions for HTTP/2: diff --git a/aspnetcore/fundamentals/servers/kestrel/http3.md b/aspnetcore/fundamentals/servers/kestrel/http3.md index 7243a60f1eb7..ca0cbbfb6f90 100644 --- a/aspnetcore/fundamentals/servers/kestrel/http3.md +++ b/aspnetcore/fundamentals/servers/kestrel/http3.md @@ -5,7 +5,7 @@ description: Learn about using HTTP/3 with Kestrel, the cross-platform web serve monikerRange: '>= aspnetcore-6.0' ms.author: wigodbe ms.custom: mvc -ms.date: 04/04/2023 +ms.date: 08/24/2023 uid: fundamentals/servers/kestrel/http3 --- @@ -46,9 +46,18 @@ HTTP/3 isn't currently supported on macOS and may be available in a future relea ## Getting started -HTTP/3 is enabled by default. Because not all routers, firewalls, and proxies properly support HTTP/3, by default HTTP/3 is configured together with HTTP/1.1 and HTTP/2. +HTTP/3 is not enabled by default. Add configuration to `Program.cs` to enable HTTP/3. -For more information, see . +:::code language="csharp" source="samples/6.x/KestrelSample/Snippets/Program.cs" id="snippet_Http3" highlight="7-8"::: + +The preceding code configures port 5001 to: + +* Use HTTP/3 alongside HTTP/1.1 and HTTP/2 by specifying `HttpProtocols.Http1AndHttp2AndHttp3`. +* Enable HTTPS with `UseHttps`. HTTP/3 requires HTTPS. + +Because not all routers, firewalls, and proxies properly support HTTP/3, HTTP/3 should be configured together with HTTP/1.1 and HTTP/2. This can be done by specifying [`HttpProtocols.Http1AndHttp2AndHttp3`](xref:Microsoft.AspNetCore.Server.Kestrel.Core.HttpProtocols.Http1AndHttp2AndHttp3) as an endpoint's supported protocols. + +For more information, see . ## Alt-svc diff --git a/aspnetcore/grpc/troubleshoot.md b/aspnetcore/grpc/troubleshoot.md index ec6cce933d64..028866f975a3 100644 --- a/aspnetcore/grpc/troubleshoot.md +++ b/aspnetcore/grpc/troubleshoot.md @@ -151,7 +151,7 @@ Alternatively, a client factory can be configured with `SubdirectoryHandler` by ## Configure gRPC client to use HTTP/3 -The .NET gRPC client supports HTTP/3 with .NET 6 or later. If the server sends an `alt-svc` response header to the client that indicates the server supports HTTP/3, the client will automatically upgrade its connection to HTTP/3. The Kestrel server supports HTTP/3 by default. For more information, see . +The .NET gRPC client supports HTTP/3 with .NET 6 or later. If the server sends an `alt-svc` response header to the client that indicates the server supports HTTP/3, the client will automatically upgrade its connection to HTTP/3. For more information, see . A can be used to force a gRPC client to use HTTP/3. Forcing HTTP/3 avoids the overhead of upgrading the request. Force HTTP/3 with code similar to the following: diff --git a/aspnetcore/release-notes/aspnetcore-8.0.md b/aspnetcore/release-notes/aspnetcore-8.0.md index 1c8ef685388c..deb8cbe55669 100644 --- a/aspnetcore/release-notes/aspnetcore-8.0.md +++ b/aspnetcore/release-notes/aspnetcore-8.0.md @@ -345,17 +345,6 @@ Time to create 100,000 connections: * Before : 5.916 seconds * After   : 2.374 seconds - -### HTTP/3 enabled by default in Kestrel - -HTTP/3 is a new internet technology that was standardized in June 2022. HTTP/3 offers several advantages over older HTTP protocols, including: - -* Faster connection setup. -* No head-of-line blocking. -* Better transitions between networks. - -.NET 7 added support for HTTP/3 to ASP.NET Core and Kestrel. ASP.NET Core apps could choose to turn it on. In .NET 8, HTTP/3 is enabled by default for Kestrel, alongside HTTP/1.1 and HTTP/2. For more information about HTTP/3 and its requirements, see . - ### HTTP/2 over TLS (HTTPS) support on macOS in Kestrel .NET 8 adds support for Application-Layer Protocol Negotiation (ALPN) to macOS. ALPN is a TLS feature used to negotiate which HTTP protocol a connection will use. For example, ALPN allows browsers and other HTTP clients to request an HTTP/2 connection. This feature is especially useful for gRPC apps, which require HTTP/2. For more information, see .