Blazor project tracking 2024

[guardrex]

2024

History

• Blazor project tracking 2023 (dotnet/AspNetCore.Docs #28001)
• Blazor project tracking 2022 (dotnet/AspNetCore.Docs #24615)
• Blazor project tracking 2021 (dotnet/AspNetCore.Docs #19286)

.NET 10 Next Year

• .NET 10: File Upload work: File uploads (writing to memory/Autofac content) #33357, Multiple files upload hangs the process in a blazor server app aspnetcore#47301

Doc ideas

Not ALL of these will be worked. This is an idea list/check list that don't rise to the level of opening an issue at this time.

• GDPR article for Blazor? What is the right way to do GDPR cookie consent in Blazor Server? aspnetcore#59457
• In the Event Handling article we just say that returning a task from an event handler is supported. Does the PU want to go further (i.e., a recommendation). Does the PU wish to say more about fire-and-forget async void versus async Task?
• I like this section https://learn.microsoft.com/en-us/aspnet/core/security/authentication/identity-enable-qrcodes?view=aspnetcore-9.0&branch=pr-en-us-34298#totp-client-and-server-time-skew for both of the Blazor 2FA/TOTP articles.
• Updating <script> tag placement guidance on Update script tag location guidance #34346; but in the context of [Blazor] Remove blazor script check razor#8744 and the original language, it isn't clear what "updated dynamically" means or "not do what they expect."
• Do we want to roll account confirmation with PW recovery and 2FA/TOTP into the WASM+Identity sample app, probably with them in a configurable state for enabling the features so that they don't break casual use of the sample without setting up an email provider. 2FA/TOTP coverage for WASM+Identity #34189 (comment)
• Do we want to add app roles, Azure Admin roles, and Azure security groups to our BWA+Entra article+sample? Can I just cross-link an existing BWA-Graph sample in either Graph or Identity docs? Either way, the Application roles for apps registered with Microsoft Entra (ME-ID) section of the BWA+OIDC article will have a cross-link or different guidance based on how this is handled.
• In the PU repo's project templates, the app settings JSON files don't have a LF on the last line of the file.
• See Blazor - Wasm pre-rendering (without server interactivity) - MSAL Auth on client side only not working aspnetcore#58833 for coverage in the Security and Identity overview and note it in prerendering coverage at https://learn.microsoft.com/en-us/aspnet/core/blazor/components/prerender?view=aspnetcore-8.0#prerendering-guidance ... and note that https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/additional-scenarios?view=aspnetcore-8.0#prerendering-with-authentication is broken (at least for the 8.0 release).
• In the WASM+Identity sample app and article, adopt EditForm and DA in the Login and Register components.
• After Add Key Vault approach for client secret #33934 and WASM+Identity acct conf and PW recovery #33976 merge, add the key vault approach for the email provider API key to both of the acct conf+PW articles.
• For the BWA acct conf + PW recovery article, confirm that the wiring up of just the acct conf is enough to also activate the PW recovery part, which I don't recall if I tested or not at the time. It should just light up 💡 ... I think 🤔.
• new() and new[] { } for simplification []. Some done on Blazor code example updates #33786 ... more to come.
• WasmBrowserApp: IntelliSense is saying to use local functions for the listener functions.
• For early 2025, get the FileUpload2 example (CSR) fully working for BWA and WASM samples. For BWA, the component is present, but there's no server controller to hit. For WASM, the component is in the WASM sample app but really should be moved to the new Call web API sample, where it can be made to work.
• Replace in-text (usually non-working) examples with dotnet/blazor-samples-based, fully working, cut-'n-paste examples. Might be best to create a list on an issue first, then I can work down the list.
• Apply form beautification 🌷 to the 8.0 sample app forms.
• Review Dynamic and extensible authentication requests for coverage opportunities [Blazor][Wasm] Dynamic and extensible authentication requests aspnetcore#42580 [Blazor] Dynamic authentication requests aspnetcore#42692
• To show and explain anti-request forgery in the File Uploads topic, use some commented-out text held there to enable controller services with AddControllersAndViews and pass the anti-forgery token to the Blazor app (<8.0) or obtain it from the anti-forgery feature (>=8.0) for the POST.
• With <NotFound> going away for BWA at 8.0, I think a dedicated bit in the Error handling topic on processing 404s via built-in server middleware makes sense (i.e., UseStatusCodePagesWithRedirects). Be sure to search for it because a cross-link is required in at least one case where I left a NOTE about BWAs not using the Not Found content template any longer.
• Root-level cascading values followup items: Root-level cascading values 8.0 #30095
• Custom ICU creation for WASM didn't make the cut for 8.0 or 9.0. It's scheduled for 10.0 now. [browser][icu] Automate custom icu creation runtime#82908
• I wasn't able to resolve Provide examples/references to avoid unauthorized content display during prerendering #29448 with Provide examples of recommendations #29449 because I can't see how the implementation should be applied in the reader's example app to avoid the reported behavior. Will circle around to this subject with Javier after .NET 8 releases.
• Revert content (Live content) to a cross-link when Azure Static Web Apps docs get a tutorial/tooling guidance for the new publish from VS gesture. Tracking on Azure docs issue: https://github.com/MicrosoftDocs/azure-docs/issues/112013 UPDATE (9/25/24): DR said he'd follow up with them because they closed the issue as a won't-fix.
• Need to keep an 👁️ on WebSockets with Azure Front Door remark in this section. Not supported today, but they might have something 23H1 roll out per https://github.com/MicrosoftDocs/architecture-center/issues/1891#issuecomment-1284754716 and https://feedback.azure.com/d365community/idea/c8b1d257-8a26-ec11-b6e6-000d3a4f0789.
• Although I'm working the Security node passes in February, I'm going to handle one item separately after the passes are finished pertaining to handling refresh tokens from Razor components when a request fails (e.g., Give more info about RefreshToken  #26086). Javier said, "... it involves sending a request to the token endpoint of the OIDC/OAuth provider in the same way you do in a web application." The refresh token is available to components via TokenProvider in the current guidance, so it seems that the component calls a server API to hit up the IdP to renew (and get a new refresh token) with an update to the TokenProvider with the new tokens. The component continues processing transparently (re-initiates the web API call that it was making in the first place) after the server-side work. Cross-refs: Miss a strategy to handle the refresh of tokens #19797 (comment)
  • Especially: How to refresh updated Claims without login out #22405 (comment)
  • ... and because it was never built-into the scaffolder to change the default logout page for Blazor Server: Scaffold different logout for Blazor Server Scaffolding#1423 ... OR, alternatively ...
  • XSRF antiforgery token content exists and the component can pass it to the endpoint because I don't think we want to tell devs to decorate server-side endpoints with @attribute [IgnoreAntiforgeryToken], including for logout. The coverage is at: https://learn.microsoft.com/en-us/aspnet/core/security/authentication/scaffold-identity?view=aspnetcore-7.0&tabs=visual-studio#pass-an-xsrf-token-to-the-app
• Per Steve's .NET Conf talk, shouldn't we briefly cover FileSystem API use in Blazor apps?
• Let's run through the testassets pieces in the framework to see what might be helpful for devs to see in docs. It's a large task tho because there's so much there. This probably can't be worked in 23H1, possibly for 23Q3 tho.
• It would probably be nice to create a QuickGrid example that opens and closes a detail record component without losing the page and scroll position of the grid. For context, see Blazor database example's list page is reloaded when coming back from a details page blazor-samples#58.
• Do we want a cascading param state management example? https://learn.microsoft.com/en-us/aspnet/core/blazor/state-management?view=aspnetcore-6.0&pivots=webassembly#additional-approaches-wasm Blazor: In-memory state container as cascading parameter #27296
• Best to have PU 🐈 look over the SignalR-Blazor enhancements for SignalR config (in the SignalR doc and the WASM/Server Host and Deploy docs) and SignalR client logging (in the Logging doc).
• Place element attributes in alphabetical order.

Resolved

• "MS Build" should have no space ... MSBuild. Remove space in "MS Build" #32485
• Check this Graph SDK v5 update #30792 to make sure the v5 code works. I think it will, but it's best to confirm it. I won't check it tho if Philip Reed gets back to me that it worked for him. Resolved by Graph scopes clarification and addl updates #32108.
• There are some Razor code rendering problems that should be reported. Done! Via email DR is aware and said he'll try again to get it improved.
• Preview notice in BWA+OIDC BFF pattern. UPDATE: Taken care of on an earlier PR.
• Update INCLUDEs for introductions WRT the examples going into the sample apps. INCLUDES removed, so no longer a concern.
• Find XXX.Count() > 0 and swap for .Any(). Swap .Any() for .Count() #33475.
• CODEOWNERS file updates for Blazor docs outside of the Blazor node. CODEOWNERS for Blazor docs #33478
• Blazor scaffolder location change in VS UI. Blazor scaffolder VS location change #33481
• Update the Blazor CRUD scaffolder to use IDbContextFactory instead of injecting the DbContext directly in to components ... Update the Blazor CRUD scaffolder to use IDbContextFactory instead of injecting the DbContext directly in to components Scaffolding#2693 Done! per the tutorial updates prior to merging the PR.
• Promote NOTE on 'Avoid using a loop variable directly in a lambda expression' in Images and Documents article to article text. Promote NOTE to article text #33483
• Merge Remove Blazor Server SignalR sample blazor-samples#303 after open PRs are merged. Done!
• Bad phrase in the QR code doc: "placeholder is where the site (company) name" ... needs "goes" at the end. Improve site (company) name setting coverage #33485
• Use "session affinity" instead of "sticky sessions," but call out that "sticky sessions" is also a commonly-used term. Use "session affinity" terminology #33487
• Confirm Blazor docs use "Native AOT" ... not "native AOT." Native AOT capitalization #33498
• Confirm that "Razor Class Library" (proper noun) is only used for text that refers to the project template. All other instances should use adjective capitalization ("Razor class library"). This should already be the case, so hopefully few or no 😈 have gotten into the docs over the years. RCL casing #33500 (only found in non-Blazor docs)
• Convert table format over to the simplified structure without opening and closing pipes (|). Table formatting #33560
• Analyze where/how "by default" is used in Blazor docs. Eliminate it spots where it isn't necessary. Also, confirm affirmative reasons for because subordinate conjunctions. Language updates #33587
• "Data Protection" should be capitalized when referring directly to the ASP.NET Core feature (service). Update to proper noun #33607
• RP/MVC tutorial movie attributions ... I don't think that they're present. UPDATE: Email sent to doc 🐈 🐈🐈.
• Mirror stronger remarks in Provide stronger guidance for using identity cookies over tokens for security #32994 for https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-identity. Stronger guidance for using Identity cookies #33610
• Main doc set: The HTTPS Redirection Middleware says "always" redirects, but that's not exactly right ... it's if there's an HTTPS port available that it always redirects. Clarify middleware activation #33613
• I made the Blazor script placeholder lines BOLD on Highlight placeholder line #31318 for the SignalR config doc. Do that everywhere across the Blazor docs. Enhance placeholder lines #33615
• Naming: Check/change from 'Blazor WebAssembly runtime" or just "WebAssembly runtime" to ".NET WebAssembly" runtime. Update WASM runtime naming #33617
• Make sure that @using static Microsoft.AspNetCore.Components.Web.RenderMode is in all of the 8.0+ _Imports.razor files. Per Integration article updates #31445. Confirmed OK! 👍 No action needed.
• It's desirable to identify whether the request is GET or POST in OnInitialized or OnParametersSetAsync blazor ssr form processing issues aspnetcore#51978 PR: Initialize form data with static SSR #33630
• For the RCL case in https://learn.microsoft.com/en-us/aspnet/core/blazor/javascript-interoperability/?view=aspnetcore-8.0#load-a-script-from-an-external-javascript-file-js, it shouldn't break using ./, but shouldn't we remove the ./ in the general case? Directory path notation (./) for RCL assets #33632
• Noting from a passing message because I don't think we cover it ... Does await base.OnAfterRenderAsync(firstRender); need to be called? No, we try to avoid making people call base on ComponentBase virtual methods. They can call it if they want but it’s a no-op. Covered! It was addressed on two PRs I believe within the last year or two.
• Check on "anti-forgery" vs. "antiforgery" ... the style manual uses "antiforgery" (no hyphen), but Chicago calls for it IIRC. We mostly seem to use the hyphen with it. Dehyphenate "anti-forgery" #33634
• Confer with Artak on the correct PU group to add to the dotnet/blazor-samples repo. Check for (and send) empty body on log out post. blazor-samples#136 Resolved! 👍
• Skipping API doc crosslinks for the Routing article because there's a large open PR on it. Circle back to it later. Routing article updates #33644
• Check on "interactive <Router> (or routing or router)" language for cross-links to new guidance in the Fundamentals > Routing article. Routing article updates #33644
• Check on places where the main (non-.Client) project is mentioned for BWAs and confirm that they're all described as the "server project." Checked! ... and seems ok.
• Check back in 24Q1 on the doc Razor code formatting problem reported in Incorrect code formatting in Tab.razor example #30157. Discussed with Dan offline.
• Component param example for How to render a matrix correctly in Blazor? aspnetcore#49945 (comment). Enhance loop variable rendering coverage #33648
• _/this all the things ... Fix naming violations in sample code (_camelCase with underscore for private fields) #30533 (comment). Blazor conventions updates #33652
• Consider moving the component example in Handle caught exceptions outside of a Razor component's lifecycle into the sample apps. For an alternative approach, see DispatchException sample blazor-samples#186. Nah! ... Let's go with what we have. WRT moving the sample to the sample app, let's leave it in place in the article for now.
• Keeping an 👁️ on Question/request for documentation on .NET WASM runtime env vars runtime#98225 for an additional update to Startup article guidance in the Configure the .NET WebAssembly runtime section. Add link to runtime doc request issue #33658 ... Cross-link the issue that I opened for now. Will update text when they place docs.
• Azure docs will host content+samples(s) for BWA+MS Identity Web+Azure hosting. Check back and cross-link to their new content when it appears. Blazor Web App with OIDC article #31555 (comment) UPDATE: Seems that the project template is going to produce this. If we carry a sample app/article, it will be determined by and opened in relation to .NET 9 coverage at RC2. It's tracked by the .NET 9 tracking issue.
• Consider Remove/update enhanced nav remark #31118 (comment) for coverage in 24H1. UPDATE: Per Mackinnon's remarks, let's NOT do anything about this at this time. He basically says that if they feel coverage is needed that they'll let me know.
• For the Standalone WASM w/Identity article+sample: Swap IdentityUser for AppUser -AND- I need to cross-link in the article's remark for "advanced Identity features" to whatever the main doc set is going to have on the subject in the SPA/Identity docs. SPA authentication and authorization doc #31010 (comment) UPDATE: The cross-link is already there, and we'll keep AppUser because the sample+article now manages user roles added to IdentityUser.
• Custom auth state provider refactor to include WASM coverage. Authentication state updates #33668
• Blazor tutorial: Check and drop "trademark" for attributions. Drop trademark attribution #33685
• Include "NuGet package" in nuget.org cross-links to make it clear the link goes to the package and not the namespace/API doc. Improve Nuget package cross-links #33689 ... BUT had to close as a won't-fix scenario.
• Bias-free communication sweep https://learn.microsoft.com/en-us/style-guide/bias-free-communication Bias-free communication #33706
• Better cross-link for SIMD references. Update SIMD cross-link #33708
• Add nav menu cut-'n-paste snippets for our fully-working demos? Won't fix ... there are too many.
• Investigate this Artak remark on MIA security remarks: Something wrong with AuthorizationMessageHandler in .net 6 aspnetcore#38486 (comment) Fix custom auth message handler example #33723
• When Document blazor msbuild configuration options docs#27395 is resolved and Mono/WASM MSBuild props are covered, update the cross-links from the targets file to the new official doc. Links can be located on the PR that added them at Mono/WASM MSBuild property guidance #24493. UPDATE (9/26/24): It doesn't look like they're ever going to do this. I don't need to keep this item here because I'll be pinged per the open issue if they ever work it.
• Improve auth state provider docs per Improve documentation for blazor authentication aspnetcore#47490. UPDATE (9/26/24): Work was done on Authentication state updates #33668, and there's a new dedicated custom auth state provider doc that has coverage for both server and client scenarios.
• There was no time to update the images for the Lazy load assemblies article. Consider bringing dev tools images back for the Complete example section. Won't fix: The text calls out looking at the Network tab to see the assembly load. I don't think an image is needed.
• Check on antiforgery with the new standalone WASM w/Identity article scenario. UPDATE (9/26/24): There's a section covering this now, so we're good.
• Check again the new guidance on breaking on unhandled exceptions with normal VS in 24Q1. My Preview VS might be funky and not permitting it to work properly. Cross-ref: WASM debug scenario update #30849 UPDATE (9/26/24): AFAIK, the guidance is fine. We've worked on it and improved it since this tracking entry was placed here.
• Update for use of C# Dev Kit: https://marketplace.visualstudio.com/items?itemName=ms-dotnettools.csdevkit ... .NET talk is at https://www.youtube.com/watch?v=tFCZw-wZVtg and there's a .NET Conf talk on it Day 1 - 3:45 *Resolved by Blazor Debug topic follow-up items #30443.
• Check AuthorizeView coverage for error/API described in ClientID vs SecretID #31119. UPDATE (9/27): Don't think we need to address this. BWA OOB (according to Jeremy) works with social logins, and the (client) App Id for the app registration is clearly delineated from the secret Id in the article. True that we don't have a sample app with social login(s), but we'll wait and see if issue(s) come in indicating problems.
• C#12 primary ctors Blazor code example updates #33786
• Update a handful of "Microsoft identity platform" instances with incorrect capitalization. Correct capitalization #33808
• Update title of BWA+Entra article to include "ID." Cross-link 9.0 sample code #33872
• Per the discussion at Simple Update for state management #29749, consider a more general demo of a state management service that works across clients/circuits. UPDATE: We'll let this stand for now on the updates that were made.
• Check the debugging guidance to confirm that it didn't regress at .NET 8 and confirm the presence of the file:// pages for debugging on the client. Minor updates to the Debug article #33887
• Convert the Blazor-EFCore sample app's manual grid to use a GridView? UPDATE: Actually, the way to address this is just to cross-link the new movie tutorial, which uses QuickGrid. Cross-link movie tutorial in EF Core article #33889
• See about placing the Key Vault code in the BWA+OIDC and BWA+MS Identity Web articles. Add Key Vault approach for client secret #33934
• Update a couple of spots where @inject NavigationManager NavigationManager crept into code examples.
• See if I can drop the sample code and versioning from the ToDo List tutorial and just go with NRT code throughout. Add an NRT note to the top for <6.0 (C# 10). Naaaah! Decided not to do this ... at least for the time being.
• Confirm update the sample app lists in the sample repo README and the Fundamentals > Overview article. Add/improve article linking from the samples repo. Remove sample list #33987 Update sample list in README blazor-samples#386

PU review items

Steve:

• API of last paragraph in https://learn.microsoft.com/en-us/aspnet/core/blazor/components/render-components-outside-of-aspnetcore?view=aspnetcore-8.0.

Halter:

• Halter to review this section.
• Confirm scope and authority guidance in the BWA+OIDC article that was added on 3/26 on Update scope/authority guidance in BWA+OIDC article #32149.
• The following went in without review because they sat for weeks without response and without answers to email requests for review:
  • https://learn.microsoft.com/en-us/aspnet/core/blazor/security/blazor-web-app-with-entra?view=aspnetcore-9.0#azure-key-vault
  • https://learn.microsoft.com/en-us/aspnet/core/blazor/security/webassembly/standalone-with-identity/account-confirmation-and-password-recovery?view=aspnetcore-9.0

Javier:

• Ask Javier about https://github.com/dotnet/aspnetcore/blob/main/src/Components/test/testassets/BasicTestApp/MarkupBlockComponent.razor#L37C21-L37C37 because we say in the Threat Mitigation topic not to use builder.AddMarkupContent(0, someUserSuppliedString) because it can create an XSS vulnerability.

Mackinnon:

• The section https://learn.microsoft.com/en-us/aspnet/core/blazor/fundamentals/signalr?view=aspnetcore-9.0#websocket-compression-for-interactive-server-components wasn't reviewed ... no one was available to look.
• "SSR" interpretation in the framework code+comments isn't "static server rendering." Discuss further, including earlier remarks that the terminology choices weren't what was expected. [Blazor] Inconsistence in usage of "SSR" abbreviation #33843
• Confirm language on interactive SSR components in the Pages folder of the .Client project. Removed on Remove remarks #34050 per DR's request. A PU issue where Javier says that it's correct: Blazor Web App Template Global Interactivity location causes Not Found issue when navigate to the page/component in Server project. aspnetcore#58944 (comment)
• Put an 👁️ on one line in particular in the prerendering with JS interop INCLUDE file: An infinite loop isn't created because StateHasChanged is only called when scrollPosition is null.
• Review of the new section on custom input components at https://learn.microsoft.com/en-us/aspnet/core/blazor/forms/binding?view=aspnetcore-8.0#custom-input-components.
• Review of https://learn.microsoft.com/en-us/aspnet/core/blazor/images-and-documents
• Confirm addHandlers module FN approach for wiring up event handlers.
• When he's free, check on the param expression bit added by Bound field or property expression convention #32511.
• The framework does what we say devs aren't supposed to do on transient disposables for IHttpClientFactory/HttpClient.
• Why I couldn't load a script via control of <head> content for the JS collocation example. <HeadContent><script src="./Components/Pages/JsCollocation1.razor.js"></script></HeadContent>
• Check on the namespace section in the Components overview.
• Check on the "In components derived from the base class" bit in the DI topic. It doesn't make sense. It might be incorrect.
• Review of the new example at Fundamentals > DI > Utility base component classes to manage a DI scope section.
• The WHY aspects on MSBuild properties for hosted deployment options #26620 (comment). I'd like to know why the RID works with the MSBuild prop (/p:RuntimeIdentifier={RID} but the self-contained setting doesn't (/p:SelfContained=false).
• Review the code for streaming <textarea> content in a form of Message size limit enhancements #29541. Live
• Ask about https://docs.microsoft.com/en-us/aspnet/core/blazor/components/dynamiccomponent?view=aspnetcore-6.0 per Update event callback approach #26557. Is this the best way to showcase event callbacks with dynamic components?
• In UserClaims components (and perhaps a few other spots) the code for a collection displayed in the UI can can have the collection be assigned an empty value or left nullable with an additional Razor nullable check. Which is best? There's a text file on the desktop with the code either way.
• Do we need to assess all Blazor examples where tasks are awaited looking for spots where it would be more appropriate to avoid resuming with the context (ConfigureAwait(false))?
• Ask about the Task method without async and await keywords ... https://github.com/dotnet/blazor-samples/blob/main/8.0/BlazorWebAppEFCore/Components/ContactForm.razor#L111-L116
• IntelliSense is saying that these should be auto properties ... https://github.com/dotnet/blazor-samples/blob/main/8.0/BlazorWebAppEFCore/Components/ContactRow.razor#L50-L61 AND https://github.com/dotnet/blazor-samples/blob/main/8.0/BlazorWebAppEFCore/Components/Pages/Home.razor#L98-L106

UE pass tracking

• Debug WebAssembly — Resolve 👉 Something is missing in this instructions on how to debug a Blazor Webassembly hosted. #23373 ... and we'll probably need to show full files everywhere we refer to tasks.json/launch.json due to Errors when running .net generate assets to build .vscode folder vscode-csharp#4542. See 👉 small clarification #23777
• WebAssembly native dependencies
• Test components - Specifically, let's consider hosting example component tests for WASM and Server (TestServer). Missing example on how to use TestServer with ASP.NET 6 #25263
• Host and deploy: Apache for hosted WASM/sub-app scenarios might need more work. See 👉 Blazor Linux hosting #24519 (comment).
  • Overview — Perhaps for Routing, too, but clarify the navigation behavior of NavigationManager.NavigateTo. See :point-right: Use relative path in NavigateTo #22146 (comment).
  • Blazor Server — See 👉 Publishing Blazor to IIS from Visual Studio #21226
  • Blazor WebAssembly — See 👉 Revert to minified Google Brotli script in Blazor WASM hosting #19979 and Virus Detected! #21829 (comment) and validate web.config post PR Remove .wasm file extension before redefining it #24950 and in light of discussion on https://stackoverflow.com/a/69888016 and https://stackoverflow.com/a/70967738. Probably add a tagged SO filter link: https://stackoverflow.com/questions/tagged/blazor+iis+compression
  • WebAssembly deployment layout
• Blazor Server and EF Core — Consider using the QuickGrid now that it's a supported part of the framework.

UE pass tracking

Articles that could benefit from the 🦖 Rex Treatment™ 🦖 ...

• Security node for 8.0/BWA/Identity components
• Blazor Server and EF Core
• Call web API topic: I'd like to divorce this from the main doc set's web API article in favor of a small Minimal APIs-based web API app for the experiences in the topic. I think churn on the main doc set article may have broken the cut-'n-paste, fully working examples that I have. I either need to update the examples to match the latest guidance in the web API article or place a dedicated app example in this topic, and I favor the latter because of on-going web API article churn ... this is a fragile 💥 setup because I don't maintain both articles.
• File Uploads article
• File Downloads article
• Test article
• PWA article
• Performance best practices article
• State Management article
• Virtualization article: Blazor Virtualize Docs Are Confusing #27537
• Blazor Hybrid
  • Overview
  • Tutorials
    • Overview
    • .NET MAUI
    • Windows Forms
    • WPF
  • Routing and navigation
  • Static files
  • Dev Tools
  • Reuse components

New for 8.0 ...

• ASP.NET Core Razor class libraries (RCLs) with static server-side rendering (static SSR)
• Integrate ASP.NET Core Razor components into ASP.NET Core apps
• Prerender ASP.NET Core Razor components
• Render Razor components outside of ASP.NET Core
• ASP.NET Core Blazor render modes
• ASP.NET Core Blazor sections
• Troubleshoot ASP.NET Core Blazor Hybrid
• ASP.NET Core Blazor JavaScript with static server-side rendering (static SSR)
• Threat mitigation guidance for ASP.NET Core Blazor static server-side rendering
• Secure ASP.NET Core Blazor WebAssembly with ASP.NET Core Identity