16 Using the platform features, part 2

 

This chapter covers

  • Using cookies to store data that will be presented in subsequent requests
  • Using sessions to identify related requests and store associated data
  • Working with HTTPS requests
  • Limiting the rate of requests processed by endpoints
  • Responding to exceptions and errors
  • Filtering requests based on the host header

In this chapter, I continue to describe the basic features provided by the ASP.NET Core platform. I explain how cookies are used and how the user’s consent for tracking cookies is managed. I describe how sessions provide a robust alternative to basic cookies, how to use and enforce HTTPS requests, how to deal with errors, and how to filter requests based on the Host header. Table 16.1 provides a guide to the chapter.

Table 16.1 Chapter guide (view table figure)

Problem

Solution

Listing

Using cookies

Use the context objects to read and write cookies.

1–3

Managing cookie consent

Use the consent middleware.

4–6

Storing data across requests

Use sessions.

7, 8

Securing HTTP requests

Use the HTTPS middleware.

9–13

Restrict the number of requests handled by the application

Use the rate limiting middleware

14

Handling errors

Use the error and status code middleware.

15–20

Restricting a request with the host header

Set the AllowedHosts configuration setting.

21

16.1 Preparing for this chapter

16.2 Using cookies

16.2.1 Enabling cookie consent checking

16.2.2 Managing cookie consent

16.3 Using sessions

16.3.1 Configuring the session service and middleware

16.3.2 Using session data

16.4 Working with HTTPS connections

16.4.1 Enabling HTTPS connections

16.4.2 Detecting HTTPS requests

16.4.3 Enforcing HTTPS requests

16.4.4 Enabling HTTP strict transport security

16.5 Using rate limits

16.6 Handling exceptions and errors

16.6.1 Returning an HTML error response