The art of simplicity

In my blog post yesterday I shared how I got into trouble when I tried to deploy a Blazor WebAssembly App to an Azure App Service for Linux. Turns out that this is not supported. However the documentation mentions that it should be possible using Azure Static Web Apps . So far I didn’t use Azure Static Web Apps, this is a good opportunity to finally give it a try… Create a Static Web App Go to the Azure portal . Select Create a Resource and search for Static Web Apps. Select Static Web App . Click on the Create Static Web App button or + Create if you already created a Static Web App before. On the Basics tab, choose a Subscription, Static Web App name and hosting plan. We also need to select a region for the Azure Functions API although we’ll not use it. And now comes the important part, we have to choose a deployment option. In my case I have the code available on Azure DevOps, so let’s choose that option and specify all the other deta...

I hope this blog post becomes irrelevant in the future, we'll see. I was trying today to deploy a Blazor WebAssembly app on Linux. Although I was able to succesfully deploy the Blazor WebAssembly app through my Azure DevOps pipeline, the application didn't want to run???? After a lot of trial and error, I found the following information in the documentation : Blazor WebAssembly apps can be deployed to Azure App Services on Windows, which hosts the app on IIS . Deploying a standalone Blazor WebAssembly app to Azure App Service for Linux isn't currently supported. We recommend hosting a standalone Blazor WebAssembly app using Azure Static Web Apps , which supports this scenario. Whoopsy! I could have thought about this sooner, because when I tried to Publish the application through Visual Studio(right click on the Project –> Publish) only the Azure App Service(Windows) option was shown:

After making a small change to a Blazor application, I redeployed it to an Azure App service. When I tried to open the updated Blazor application nothing happened. When I opened up the browser console, I noticed a list of errors: There are 2 errors important to explain what is going wrong: Failed to find a valid digest in the 'integrity' attribute for resource 'https://cloudbreweshopweb.azurewebsites.net/_framework/dotnet.timezones.blat' with computed SHA-256 integrity '2NJf++ql6UnbRRdYWEir6MxH58bYGWDEqofII/z+Xmo='. The resource has been blocked. Failed to find a valid digest in the 'integrity' attribute for resource 'https://cloudbreweshopweb.azurewebsites.net/_framework/dotnet.wasm' with computed SHA-256 integrity 'y0gwhQ7a6FTinj6R6HEA3SlRDb/iL70a56PEGpKbt/8='. The resource has been blocked. This is related to the integrity checks executed by the browser. Integrity checks When Blazor WebAssembly downloads an app's st...

For an internal application I’m building I needed to use Basic authentication. Remark: In case you forgot, Basic Authentication transmits credentials like user ID/password as a base64 encoded string in the Authorization header. This is of course not the most secure way as any man-in-the-middle can capture and read this header data. If you look around on the Internet, a typical example on how to this in .NET looks like this: We create a HttpClientHandler, set the Credentials and pass it to our HttpClient as a parameter. Of course it is even better to not create an HttpClient instance yourself but instead use the HttpClientFactory to create a Named or Typed HttpClient. But if you try to use the code above in a Blazor application, you’ll end up with the following runtime error: System.PlatformNotSupportedException: Property Credentials is not supported. As the HttpClient implementation for Blazor stays as close as possible to the fetch api the browser, you’ll ne...

While building an internal (Blazor) application, I stumbled over some CORS issues. As this was an internal application, I decided to be lazy and just disable CORS on my request: In the example above I’m using the  SetBrowserRequestMode() to disable the CORS preflight check. Afther doing that the CORS issue was gone, unfortunately my application still didn’t work because now I got a 401 response back?! I was quite confident that the provided username/password combination was correct. So what is going on? I monitored my request using the browser developer tools and I noticed that the authorization header was missing: What was going on? The MDN documentation brought me the answer when I had a look at the request mode documentation specifically for ‘no-cors’: no-cors — Prevents the method from being anything other than HEAD , GET or POST , and the headers from being anything other than simple headers . If any ServiceWorkers intercept these requests, they may n...