How to run a localhost app using 127.0.0.1 and the issues you can have if you don’t — Testing apps locally by accessing them over localhost is perfectly fine majority of the time. But what happens when you need to manipulate cookies from the backend? The Issue Recently I ran into an issue where logout functionality wasn’t working. I had a .NET client app which was using Duende Identity Server as…

Learn how Duende Identity Server works behind the scenes — What is Identity Server? Duende Identity Server is a popular identity provider implementation. You can use it to provide SSO, using a protocol such as OIDC, to your customers. Why debug it? The code is open source, so you can easily go to their GitHub project and view the source code. However, by being able to debug the…

A deep dive into how settings in Azure can CORS errors — I had an interesting problem to troubleshoot at work the other day. Our web app was failing to make an HTTP request to our web service. In the network tab, you could see errors about CORS. …

How signature verification works at a low level — This is the final article in the “How Browsers Verify Digital Certificates” series. If you haven’t already, have a read of part 1 before proceeding. In this article, we will: Extract the “to be signed” (tbs) certificate from the R3 certificate. Extract the signature from the R3 certificate. Use .NET…

How signature verification works at a low level — This is part 1 of a 2 part series where we look at how a digital certificate’s signature is verified. In this article, we’ll look at how we can extract the public key from a root CA certificate, and in part 2, we’ll look at how we can use that…

A look at how constants work in the .NET Framework — What is const? When a variable is marked as const, its value cannot change. eg. const int BoilingTempCelcius = 100; A constant must be determinable at compile time, which means only the primitive types (bool, int, long, stringetc) can be marked as const. However, C# lets you declare a non-primitive type as const…

Some questions and answers about HSTS and preload — Here are some questions I came up with while learning HSTS, and the corresponding answers. What is HSTS? The Strict-Transport-Security header looks like this:

A look at the memory consumption of each in .NET 5.0 — Let’s compare iterating over an IList<T> and a List<T> using a foreach loop and see which one uses more memory. Here I’m using the BenchmarkDotNet NuGet package to view the allocated memory. Results

A comparison of the number of iterations in .NET 5 and .NET Framework — How many source “iterations” would happen when the below code executes? Hypothesis Most people think one of two things: The source is iterated just once, so three iterations/loops for a source with three items. Nine iterations (each extension method iterates the collection). Let’s find out the correct answer. What is an iteration?