ASP.NET Core
The web framework. Hosting, transports, middleware, DI, configuration, API surface (Minimal APIs and OpenAPI), routing, caching, rate limiting, error handling, and modern .NET 9 additions like MapStaticAssets.
Topics (canonical order)
-
Generic host,
IHost, lifecycle, Kestrel basics,IHostedService -
Hosted Services & Background Work
IHostedServicevsBackgroundService, graceful shutdown, Quartz vs Hangfire vs k8s CronJobs -
HTTP/2 multiplexing, HTTP/3 over QUIC, ALPN, when each pays off
-
Ordering, branching, custom middleware, terminal handlers,
Map/MapWhen -
Lifetimes (singleton/scoped/transient), captive deps, keyed services,
IServiceProviderIsService, anti-pattern catalog -
IOptions/IOptionsSnapshot/IOptionsMonitor,ValidateOnStart,ValidateDataAnnotations, provider chain, secret rotation -
API Versioning & REST Contracts
Asp.Versioning, idempotency keys,ETag/If-Match, RFC 9110/9457 -
Validation, filters, OpenAPI, MVC parity in .NET 9
-
Binding sources, value providers, custom binders, FluentValidation comparison
-
Action / result / exception filters, ordering, when to prefer middleware
-
HttpContext, feature collection, server abstractions -
Endpoint routing, route constraints, fallbacks, route templates
-
New output cache (.NET 7+) vs response cache, vary-by, eviction
-
Built-in middleware, fixed/sliding/token-bucket/concurrency, partitioned limiters
-
Liveness vs readiness, custom checks, k8s probe wiring
-
ProblemDetails & Error Handling
IExceptionHandler,AddProblemDetails, RFC 7807/9457, request decompression -
IStringLocalizer,CultureInfo.InvariantCulture, RTL, Unicode normalization -
Static Assets & MapStaticAssets
MapStaticAssets(.NET 9), CDN, cache headers, asset fingerprinting -
Built-in OpenAPI in .NET 9+, schema generation, transformers
-
Forwarded Headers & Reverse-Proxy Hosting
UseForwardedHeaders,KnownProxies/Networks, App Service shortcut, BREACH-aware HTTPS -
In-process vs out-of-process IIS, ANCMv2,
web.config,UseWindowsService,UseSystemd -
Identity Endpoints (
MapIdentityApi)
.NET 8+ minimal-API Identity, opaque bearer tokens, refresh, vs Duende/OpenIddict
-
Request Decompression & Response Compression
UseRequestDecompression, Brotli vs Gzip, BREACH risk, decompression bombs -
Server-Sent Events (.NET 10 Native)
TypedResults.ServerSentEvents,IAsyncEnumerable<SseItem<T>>, AI chat streaming -
Endpoint Filters & Route Group Conventions
IEndpointFilter,MapGroup, conventions, validation/tenant-scope filter patterns -
WebHooks — Sending & Receiving
HMAC signatures, replay protection, idempotency, retries + DLQ, Outbox-driven sender
-
Output Formatters & Content Negotiation
[Produces]/[Consumes], custom formatters, ProblemDetails, NDJSON streaming -
Types of Web Projects in ASP.NET Core
dotnet newtemplate tour: Web API, Minimal, MVC, Razor Pages, Blazor Web App, Blazor WASM, MAUI Hybrid, Worker, gRPC, Aspire AppHost — when to pick which -
Refit interface-first, Kiota OpenAPI-driven, NSwag legacy; CI integration, regen-and-commit trade-offs
Why this order
Hosting → background work → transports → pipeline → DI → config establishes the runtime substrate before introducing API surface (Minimal APIs / MVC / Razor). API surface comes before routing/caching/rate-limiting because those concepts apply across all API styles. ProblemDetails / globalization / static-assets / OpenAPI cluster at the end as cross-cutting concerns.
Cross-references
- DI links forward into Architecture & Patterns for usage patterns.
- API versioning + ProblemDetails feed into API Design for SPA Clients.
- Hosted services link forward to Messaging Fundamentals for consumer hosts.
- Static assets link to PWA & Static Assets.