SteveSandersonMS

Why sequence numbers should relate to code line numbers, not execution order

Or in other words, why you should hard-code sequence numbers, and not generate them programmatically.

Unlike .jsx files, .razor/.cshtml files are always compiled. This is potentially a great advantage for .razor, because we can use the compile step to inject information that makes things better or faster at runtime.

A key example of this are sequence numbers. These indicate to the runtime which outputs came from which distinct and ordered lines of code. The runtime uses this information to generate efficient tree diffs in linear time, which is far faster than is normally possible for a general tree diff algorithm.

Example

SteveSandersonMS

Authentication and Authorization

Authentication means determining who a particular user is. Authorization means applying rules about what they can do. Blazor contains features for handling both aspects of this.

It worth remembering how the overall goals differ between server-side Blazor and client-side Blazor:

• Server-side Blazor applications run on the server. As such, correctly-implemented authorization checks are both how you determine which UI options to show (e.g., which menu entries are available to a certain user) and where you actually enforce access rules.
• Client-side Blazor applications run on the client. As such, authorization is only used as a way of determining what UI options to show (e.g., which menu entries). The actual enforcement of authorization rules must be implemented on whatever backend server your application operates on, since any client-side checks can be modified or bypassed.

Authentication-enabled templates for Server-Side Blazor

SteveSandersonMS

Preserving State in Server-Side Blazor applications

Server-side Blazor is a stateful application framework. Most of the time, your users will maintain an ongoing connection to the server, and their state will be held in the server's memory in what's known as a "circuit". Examples of state held for a user's circuit include:

• The UI being rendered (i.e., the hierarchy of component instances and their most recent render output)
• The values of any fields and properties in component instances
• Data held in DI service instances that are scoped to the circuit

Occasionally, users may experience a temporary network connection loss, after which Blazor will attempt to reconnect them to their original circuit so they can continue.

SteveSandersonMS

#include <wasi/api.h>
#include <stdlib.h>

// Based on https://github.com/WebAssembly/wasi-libc/blob/main/libc-bottom-half/sources/__wasilibc_real.c,

int32_t __imported_wasi_snapshot_preview1_args_get(int32_t arg0, int32_t arg1) { return 0; }

int32_t __imported_wasi_snapshot_preview1_args_sizes_get(int32_t arg0, int32_t arg1) { return 0; }

int32_t __imported_wasi_snapshot_preview1_environ_get(int32_t arg0, int32_t arg1) { return 0; }

SteveSandersonMS

Error handling in Server-Side Blazor

Developers building Blazor applications should be aware of how the framework deals with exceptions, and what steps to take in order to maximize reliability and to detect and diagnose errors.

To recap, server-side Blazor is a stateful framework. For as long as users are interacting with your application, they maintain a connection to the server known as a circuit. The circuit holds all the active component instances, plus many other aspects of state such as the components' most recent render output and the current set of event-handling delegates that could be triggered by client-side events. If a user opens your application in multiple browser tabs, then they have multiple independent circuits.

As a high-level principle, Blazor treats most unhandled exceptions as fatal to that circuit. If a circuit is terminated due to an unhandled exception, the user can only continue by reloading the page to create a new circuit and starting again, although other circuits (e.g., th

SteveSandersonMS

public class Customer
{
    public string FirstName { get; set; }
    public string LastName { get; set; }
    public Address Address { get; } = new Address();
    public List<PaymentMethod> PaymentMethods { get; } = new List<PaymentMethod>();
}

public class Address
{

SteveSandersonMS

public class RevalidatingAuthenticationStateProvider : AuthenticationStateProvider, IDisposable
{
    private static TimeSpan RefreshInterval = TimeSpan.FromMinutes(30);

    private readonly CancellationTokenSource _cts;
    private ClaimsPrincipal _currentUser;

    public RevalidatingAuthenticationStateProvider(SignInManager<IdentityUser> signInManager)
    {
        _cts = new CancellationTokenSource();

SteveSandersonMS

@page "/"
@using System.Net.WebSockets
@using System.Text
@using System.Threading
@implements IDisposable

<h1>Echo test</h1>
<h3>State: @webSocket.State</h3>

@if (webSocket.State == WebSocketState.Open)

SteveSandersonMS

@* Unfortunately this has to be named BlazorForm, not Form, because we can't differentiate based on casing *@
<form onsubmit=@HandleSubmit>
    @ChildContent(_context)
</form>

@functions {
    private FormContext _context = new FormContext();

    [Parameter] protected RenderFragment<FormContext> ChildContent { get; set; }
    [Parameter] protected Action<FormContext> OnSubmit { get; set; }

SteveSandersonMS

using System;
using System.Threading.Tasks;

namespace Microsoft.AspNetCore.Components
{
    public class SectionContent : IComponent, IDisposable
    {
        private SectionRegistry _registry;

        [Parameter] public string Name { get; set; }