Security

TL;DR - Practical Tips for ASP.NET Core HTTP Logging Middleware Use EnableBuffering() to safely log request bodies and reset stream position after reading. Capture response bodies by swapping HttpResponse.Body with a MemoryStream and restoring after logging. Always filter or redact sensitive data before logging HTTP bodies. Set size limits and skip large or binary payloads to avoid performance issues. Filter logs by endpoint, HTTP method, or custom attributes for clarity. Built-in HttpLogging is simple; custom middleware offers full control and advanced filtering. Use structured logging and external services for production monitoring. Wrap middleware in extension methods for clean, configurable registration. Leverage PipeReader and System.IO.Pipelines for more efficient memory usage. Use Span<T> and ArrayPool<T> for zero-allocation processing of large payloads. Consider implementing request sampling in production to reduce log volume. Use a complete middleware implementation that combines all best practices. 1. How does EnableBuffering help you log request bodies in ASP.NET Core? EnableBuffering allows you to read request bodies multiple times without breaking the pipeline. ...

Master local HTTPS in .NET with dotnet dev-certs https. Learn how to create, trust, and troubleshoot development certificates, avoid common pitfalls, and follow best practices for secure, productive local development.