├── images ├── security_headers_01.png └── security_headers_02.png ├── WebApiOpenApi ├── WebApiOpenApi.http ├── appsettings.Development.json ├── WeatherForecast.cs ├── appsettings.json ├── Properties │ └── launchSettings.json ├── WebApiOpenApi.csproj ├── SecurityHeadersDefinitionsAPI.cs ├── SecurityHeadersDefinitionsSwagger.cs ├── Controllers │ └── WeatherForecastController.cs └── Program.cs ├── .github └── workflows │ └── dotnet.yml ├── LICENSE ├── WebApiOpenApi.sln ├── README.md └── .gitignore /images/security_headers_01.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/damienbod/WebApiOpenApi/HEAD/images/security_headers_01.png -------------------------------------------------------------------------------- /images/security_headers_02.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/damienbod/WebApiOpenApi/HEAD/images/security_headers_02.png -------------------------------------------------------------------------------- /WebApiOpenApi/WebApiOpenApi.http: -------------------------------------------------------------------------------- 1 | @WebApiOpenApi_HostAddress = https://localhost:7288 2 | 3 | GET {{WebApiOpenApi_HostAddress}}/weatherforecast/ 4 | Accept: application/json 5 | 6 | ### 7 | -------------------------------------------------------------------------------- /WebApiOpenApi/appsettings.Development.json: -------------------------------------------------------------------------------- 1 | { 2 | "Logging": { 3 | "LogLevel": { 4 | "Default": "Information", 5 | "Microsoft.AspNetCore": "Warning" 6 | } 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /WebApiOpenApi/WeatherForecast.cs: -------------------------------------------------------------------------------- 1 | namespace WebApiOpenApi; 2 | 3 | public class WeatherForecast 4 | { 5 | public DateOnly Date { get; set; } 6 | public int TemperatureC { get; set; } 7 | public int TemperatureF => 32 + (int)(TemperatureC / 0.5556); 8 | public string? Summary { get; set; } 9 | } 10 | -------------------------------------------------------------------------------- /WebApiOpenApi/appsettings.json: -------------------------------------------------------------------------------- 1 | { 2 | // Open up security restrictions to allow this to work 3 | // Not recommended in production 4 | "DeploySwaggerUI": true, 5 | "Logging": { 6 | "LogLevel": { 7 | "Default": "Information", 8 | "Microsoft.AspNetCore": "Warning" 9 | } 10 | }, 11 | "AllowedHosts": "*" 12 | } 13 | -------------------------------------------------------------------------------- /WebApiOpenApi/Properties/launchSettings.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://json.schemastore.org/launchsettings.json", 3 | "profiles": { 4 | "https": { 5 | "commandName": "Project", 6 | "dotnetRunMessages": true, 7 | "launchBrowser": true, 8 | "launchUrl": "openapi/v1/openapi.json", 9 | "applicationUrl": "https://localhost:7288;", 10 | "environmentVariables": { 11 | "ASPNETCORE_ENVIRONMENT": "Development" 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /.github/workflows/dotnet.yml: -------------------------------------------------------------------------------- 1 | # This workflow will build a .NET project 2 | # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net 3 | 4 | name: .NET 5 | 6 | on: 7 | push: 8 | branches: [ "main" ] 9 | pull_request: 10 | branches: [ "main" ] 11 | 12 | jobs: 13 | build: 14 | 15 | runs-on: ubuntu-latest 16 | 17 | steps: 18 | - uses: actions/checkout@v4 19 | - name: Setup .NET 20 | uses: actions/setup-dotnet@v4 21 | with: 22 | dotnet-version: 10.0.x 23 | - name: Restore dependencies 24 | run: dotnet restore 25 | - name: Build 26 | run: dotnet build --no-restore 27 | - name: Test 28 | run: dotnet test --no-build --verbosity normal 29 | -------------------------------------------------------------------------------- /WebApiOpenApi/WebApiOpenApi.csproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | net10.0 5 | enable 6 | enable 7 | 400f6544-f62c-4f44-a6c0-5528bc571830 8 | 9 | 10 | 11 | 12 | 13 | 14 | runtime; build; native; contentfiles; analyzers; buildtransitive 15 | all 16 | 17 | 18 | 19 | 20 | 21 | 22 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 damienbod 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /WebApiOpenApi.sln: -------------------------------------------------------------------------------- 1 | 2 | Microsoft Visual Studio Solution File, Format Version 12.00 3 | # Visual Studio Version 17 4 | VisualStudioVersion = 17.11.35118.90 5 | MinimumVisualStudioVersion = 10.0.40219.1 6 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "WebApiOpenApi", "WebApiOpenApi\WebApiOpenApi.csproj", "{72AB0FC0-F95A-4219-AFD2-637698DE7CD8}" 7 | EndProject 8 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{D8E9B70F-00E4-4B31-ADD3-5164A5F4AE81}" 9 | ProjectSection(SolutionItems) = preProject 10 | README.md = README.md 11 | EndProjectSection 12 | EndProject 13 | Global 14 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 15 | Debug|Any CPU = Debug|Any CPU 16 | Release|Any CPU = Release|Any CPU 17 | EndGlobalSection 18 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 19 | {72AB0FC0-F95A-4219-AFD2-637698DE7CD8}.Debug|Any CPU.ActiveCfg = Debug|Any CPU 20 | {72AB0FC0-F95A-4219-AFD2-637698DE7CD8}.Debug|Any CPU.Build.0 = Debug|Any CPU 21 | {72AB0FC0-F95A-4219-AFD2-637698DE7CD8}.Release|Any CPU.ActiveCfg = Release|Any CPU 22 | {72AB0FC0-F95A-4219-AFD2-637698DE7CD8}.Release|Any CPU.Build.0 = Release|Any CPU 23 | EndGlobalSection 24 | GlobalSection(SolutionProperties) = preSolution 25 | HideSolutionNode = FALSE 26 | EndGlobalSection 27 | GlobalSection(ExtensibilityGlobals) = postSolution 28 | SolutionGuid = {91E41BEC-4146-4B37-B4CD-C2B62E0B8990} 29 | EndGlobalSection 30 | EndGlobal 31 | -------------------------------------------------------------------------------- /WebApiOpenApi/SecurityHeadersDefinitionsAPI.cs: -------------------------------------------------------------------------------- 1 | namespace WebApiOpenApi; 2 | 3 | public static class SecurityHeadersDefinitionsAPI 4 | { 5 | private static HeaderPolicyCollection? policy; 6 | 7 | public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev) 8 | { 9 | // Avoid building a new HeaderPolicyCollection on every request for performance reasons. 10 | // Where possible, cache and reuse HeaderPolicyCollection instances. 11 | if (policy != null) return policy; 12 | 13 | policy = new HeaderPolicyCollection() 14 | .AddFrameOptionsDeny() 15 | .AddContentTypeOptionsNoSniff() 16 | .AddReferrerPolicyStrictOriginWhenCrossOrigin() 17 | .AddCrossOriginOpenerPolicy(builder => builder.SameOrigin()) 18 | .AddCrossOriginEmbedderPolicy(builder => builder.RequireCorp()) 19 | .AddCrossOriginResourcePolicy(builder => builder.SameOrigin()) 20 | .RemoveServerHeader() 21 | .AddPermissionsPolicyWithDefaultSecureDirectives(); 22 | 23 | policy.AddContentSecurityPolicy(builder => 24 | { 25 | builder.AddObjectSrc().None(); 26 | builder.AddBlockAllMixedContent(); 27 | builder.AddImgSrc().None(); 28 | builder.AddFormAction().None(); 29 | builder.AddFontSrc().None(); 30 | builder.AddStyleSrc().None(); 31 | builder.AddScriptSrc().None(); 32 | builder.AddBaseUri().Self(); 33 | builder.AddFrameAncestors().None(); 34 | builder.AddCustomDirective("require-trusted-types-for", "'script'"); 35 | }); 36 | 37 | if (!isDev) 38 | { 39 | // maxage = one year in seconds 40 | policy.AddStrictTransportSecurityMaxAgeIncludeSubDomains(maxAgeInSeconds: 60 * 60 * 24 * 365); 41 | } 42 | 43 | return policy; 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /WebApiOpenApi/SecurityHeadersDefinitionsSwagger.cs: -------------------------------------------------------------------------------- 1 | namespace WebApiOpenApi; 2 | 3 | /// 4 | /// Weak security headers for Swagger UI 5 | /// 6 | public static class SecurityHeadersDefinitionsSwagger 7 | { 8 | private static HeaderPolicyCollection? policy; 9 | 10 | public static HeaderPolicyCollection GetHeaderPolicyCollection(bool isDev) 11 | { 12 | // Avoid building a new HeaderPolicyCollection on every request for performance reasons. 13 | // Where possible, cache and reuse HeaderPolicyCollection instances. 14 | if (policy != null) return policy; 15 | 16 | policy = new HeaderPolicyCollection() 17 | .AddFrameOptionsDeny() 18 | .AddContentTypeOptionsNoSniff() 19 | .AddReferrerPolicyStrictOriginWhenCrossOrigin() 20 | .AddCrossOriginOpenerPolicy(builder => builder.SameOrigin()) 21 | .AddCrossOriginEmbedderPolicy(builder => builder.RequireCorp()) 22 | .AddCrossOriginResourcePolicy(builder => builder.SameOrigin()) 23 | .RemoveServerHeader() 24 | .AddPermissionsPolicyWithDefaultSecureDirectives(); 25 | 26 | policy.AddContentSecurityPolicy(builder => 27 | { 28 | builder.AddObjectSrc().None(); 29 | builder.AddBlockAllMixedContent(); 30 | builder.AddImgSrc().Self().From("data:"); 31 | builder.AddFormAction().Self(); 32 | builder.AddFontSrc().Self(); 33 | builder.AddStyleSrc().Self().UnsafeInline(); 34 | builder.AddScriptSrc().Self().UnsafeInline(); //.WithNonce(); 35 | builder.AddBaseUri().Self(); 36 | builder.AddFrameAncestors().None(); 37 | }); 38 | 39 | if (!isDev) 40 | { 41 | // maxage = one year in seconds 42 | policy.AddStrictTransportSecurityMaxAgeIncludeSubDomains(maxAgeInSeconds: 60 * 60 * 24 * 365); 43 | } 44 | 45 | return policy; 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ASP.NET Core API using OpenAPI 2 | 3 | [![.NET](https://github.com/damienbod/WebApiOpenApi/actions/workflows/dotnet.yml/badge.svg)](https://github.com/damienbod/WebApiOpenApi/actions/workflows/dotnet.yml) 4 | 5 | Blogs: 6 | 7 | [Implementing an ASP.NET Core API with .NET 9 and OpenAPI](https://damienbod.com/2024/08/06/implementing-an-asp-net-core-api-with-net-9-and-openapi/) 8 | 9 | [Add a Swagger UI using a .NET 9 Json OpenAPI file](https://damienbod.com/2024/08/12/add-a-swagger-ui-using-a-net-9-json-openapi-file/) 10 | 11 | [Implement security headers for an API supporting OpenAPI Swagger UI](https://damienbod.com/2024/10/21/implement-security-headers-for-an-api-supporting-openapi-swagger-ui/) 12 | 13 | ### Nuget package for OpenAPI 14 | 15 | ``` 16 | Install-Package Microsoft.AspNetCore.OpenApi -IncludePrerelease 17 | ``` 18 | 19 | ## History 20 | 21 | - 2025-12-01 .NET 10 22 | - 2025-08-01 Updated packages 23 | - 2025-05-09 Updated packages 24 | - 2024-11-24 .NET 9 25 | - 2024-10-20 Improve security, API policy per default 26 | - 2024-10-17 Improve security headers 27 | - 2024-10-12 Updated to .NET 9 RC2 28 | - 2024-09-12 Updated to .NET 9 RC1 29 | - 2024-08-13 Updated to .NET 9 Preview 7 30 | 31 | ## Example of OpenAPI with minimal APIs 32 | 33 | https://github.com/martincostello/dotnet-minimal-api-integration-testing 34 | 35 | ## Links 36 | 37 | https://learn.microsoft.com/en-us/aspnet/core/fundamentals/minimal-apis/aspnetcore-openapi 38 | 39 | https://learn.microsoft.com/en-us/aspnet/core/web-api/action-return-types 40 | 41 | https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet9/nuget/v3/index.json 42 | 43 | https://github.com/RicoSuter/NSwag 44 | 45 | https://damienbod.com/2021/08/30/improving-application-security-in-an-asp-net-core-api-using-http-headers-part-3/ 46 | 47 | https://swagger.io/ 48 | 49 | https://swagger.io/specification/ 50 | 51 | https://github.com/martincostello/aspnetcore-openapi 52 | 53 | https://github.com/mikekistler/aspnet-openapi-examples 54 | 55 | https://andrewlock.net/major-updates-to-netescapades-aspnetcore-security-headers/ -------------------------------------------------------------------------------- /WebApiOpenApi/Controllers/WeatherForecastController.cs: -------------------------------------------------------------------------------- 1 | using Microsoft.AspNetCore.Authorization; 2 | using Microsoft.AspNetCore.Mvc; 3 | using System.ComponentModel; 4 | 5 | namespace WebApiOpenApi.Controllers; 6 | 7 | [Authorize(AuthenticationSchemes = "Bearer")] 8 | [ApiController] 9 | [Route("api/[controller]")] 10 | public class WeatherForecastController(ILogger _logger) : ControllerBase 11 | { 12 | private static readonly string[] Summaries = 13 | [ 14 | "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching" 15 | ]; 16 | 17 | [AllowAnonymous] 18 | [EndpointSummary("This is a summary from OpenApi attributes.")] 19 | [EndpointDescription("This is a description from OpenApi attributes.")] 20 | [Produces(typeof(IEnumerable))] 21 | [HttpGet("GetWeatherForecast")] 22 | public IActionResult Get() 23 | { 24 | _logger.LogDebug("GetWeatherForecast with OpenAPI definitions"); 25 | 26 | return Ok(Enumerable.Range(1, 5).Select(index => new WeatherForecast 27 | { 28 | Date = DateOnly.FromDateTime(DateTime.Now.AddDays(index)), 29 | TemperatureC = Random.Shared.Next(-20, 55), 30 | Summary = Summaries[Random.Shared.Next(Summaries.Length)] 31 | }) 32 | .ToArray()); 33 | } 34 | 35 | [EndpointSummary("This is a second summary from OpenApi attributes.")] 36 | [EndpointDescription("This is a second description from OpenApi attributes.")] 37 | [Produces(typeof(IEnumerable))] 38 | [ProducesResponseType(StatusCodes.Status404NotFound)] 39 | [HttpGet("GetWeatherForecastWithParameter")] 40 | public IEnumerable GetWithParameter( 41 | [Description("parameter name description using OpenApi")] string name) 42 | { 43 | return Enumerable.Range(1, 5).Select(index => new WeatherForecast 44 | { 45 | Date = DateOnly.FromDateTime(DateTime.Now.AddDays(index)), 46 | TemperatureC = Random.Shared.Next(-20, 55), 47 | Summary = Summaries[Random.Shared.Next(Summaries.Length)] 48 | }) 49 | .ToArray(); 50 | } 51 | 52 | [EndpointSummary("This is a second summary from OpenApi attributes.")] 53 | [EndpointDescription("This is a second description from OpenApi attributes.")] 54 | [HttpPut("PutWeatherForecast")] 55 | public IActionResult PutWeatherForecast( 56 | [Description("parameter put item using OpenApi")] WeatherForecast weatherForecast) 57 | { 58 | return Created(); 59 | } 60 | 61 | [EndpointSummary("This is a second summary from OpenApi attributes.")] 62 | [EndpointDescription("This is a second description from OpenApi attributes.")] 63 | [Produces(typeof(IEnumerable))] 64 | [HttpPost("PostWeatherForecast")] 65 | public IActionResult PostWeatherForecast( 66 | [Description("parameter post item using OpenApi")] WeatherForecast weatherForecast) 67 | { 68 | return Ok(weatherForecast); 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /WebApiOpenApi/Program.cs: -------------------------------------------------------------------------------- 1 | using Microsoft.AspNetCore.Authentication; 2 | using Microsoft.AspNetCore.Authentication.JwtBearer; 3 | using Microsoft.AspNetCore.OpenApi; 4 | using Microsoft.IdentityModel.Tokens; 5 | using Microsoft.OpenApi; 6 | using NetEscapades.AspNetCore.SecurityHeaders.Infrastructure; 7 | using WebApiOpenApi; 8 | 9 | var builder = WebApplication.CreateBuilder(args); 10 | 11 | // Open up security restrictions to allow this to work 12 | // Not recommended in production 13 | var deploySwaggerUI = builder.Configuration.GetValue("DeploySwaggerUI"); 14 | var isDev = builder.Environment.IsDevelopment(); 15 | 16 | builder.Services.AddSecurityHeaderPolicies() 17 | .SetPolicySelector((PolicySelectorContext ctx) => 18 | { 19 | // sum is weak security headers due to Swagger UI deployment 20 | // should only use in development 21 | if (deploySwaggerUI) 22 | { 23 | // Weakened security headers for Swagger UI 24 | if (ctx.HttpContext.Request.Path.StartsWithSegments("/swagger")) 25 | { 26 | return SecurityHeadersDefinitionsSwagger.GetHeaderPolicyCollection(isDev); 27 | } 28 | 29 | // Strict security headers 30 | return SecurityHeadersDefinitionsAPI.GetHeaderPolicyCollection(isDev); 31 | } 32 | // Strict security headers for production 33 | else 34 | { 35 | return SecurityHeadersDefinitionsAPI.GetHeaderPolicyCollection(isDev); 36 | } 37 | }); 38 | 39 | builder.Services.AddControllers(); 40 | 41 | builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme) 42 | .AddJwtBearer("Bearer", options => 43 | { 44 | options.Audience = "api_scope"; 45 | options.Authority = "https://localhost:44367"; 46 | options.TokenValidationParameters = new TokenValidationParameters 47 | { 48 | ValidateIssuer = true, 49 | ValidateAudience = true, 50 | ValidateIssuerSigningKey = true, 51 | ValidAudiences = ["api_scope"], 52 | ValidIssuers = ["https://localhost:44367"], 53 | }; 54 | }); 55 | 56 | builder.Services.AddOpenApi(options => 57 | { 58 | //options.UseTransformer((document, context, cancellationToken) => 59 | //{ 60 | // document.Info = new() 61 | // { 62 | // Title = "My API", 63 | // Version = "v1", 64 | // Description = "API for Damien" 65 | // }; 66 | // return Task.CompletedTask; 67 | //}); 68 | options.AddDocumentTransformer(); 69 | }); 70 | 71 | var app = builder.Build(); 72 | 73 | app.UseSecurityHeaders(); 74 | 75 | app.UseHttpsRedirection(); 76 | app.UseAuthorization(); 77 | 78 | app.MapControllers(); 79 | 80 | //app.MapOpenApi(); // /openapi/v1.json 81 | app.MapOpenApi("/openapi/v1/openapi.json"); 82 | //app.MapOpenApi("/openapi/{documentName}/openapi.json"); 83 | 84 | if (deploySwaggerUI) 85 | { 86 | app.UseSwaggerUI(options => 87 | { 88 | options.SwaggerEndpoint("/openapi/v1/openapi.json", "v1"); 89 | }); 90 | } 91 | 92 | app.Run(); 93 | 94 | internal sealed class BearerSecuritySchemeTransformer(IAuthenticationSchemeProvider authenticationSchemeProvider) : IOpenApiDocumentTransformer 95 | { 96 | public async Task TransformAsync(OpenApiDocument document, OpenApiDocumentTransformerContext context, CancellationToken cancellationToken) 97 | { 98 | var authenticationSchemes = await authenticationSchemeProvider.GetAllSchemesAsync(); 99 | if (authenticationSchemes.Any(authScheme => authScheme.Name == "Bearer")) 100 | { 101 | var requirements = new Dictionary 102 | { 103 | ["Bearer"] = new OpenApiSecurityScheme 104 | { 105 | Type = SecuritySchemeType.Http, 106 | Scheme = "bearer", // "bearer" refers to the header name here 107 | In = ParameterLocation.Header, 108 | BearerFormat = "Json Web Token" 109 | } 110 | }; 111 | document.Components ??= new OpenApiComponents(); 112 | document.Components.SecuritySchemes = requirements; 113 | } 114 | document.Info = new() 115 | { 116 | Title = "My API Bearer scheme", 117 | Version = "v1", 118 | Description = "API for Damien" 119 | }; 120 | } 121 | } -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | ## Ignore Visual Studio temporary files, build results, and 2 | ## files generated by popular Visual Studio add-ons. 3 | ## 4 | ## Get latest from https://github.com/github/gitignore/blob/main/VisualStudio.gitignore 5 | 6 | # User-specific files 7 | *.rsuser 8 | *.suo 9 | *.user 10 | *.userosscache 11 | *.sln.docstates 12 | 13 | # User-specific files (MonoDevelop/Xamarin Studio) 14 | *.userprefs 15 | 16 | # Mono auto generated files 17 | mono_crash.* 18 | 19 | # Build results 20 | [Dd]ebug/ 21 | [Dd]ebugPublic/ 22 | [Rr]elease/ 23 | [Rr]eleases/ 24 | x64/ 25 | x86/ 26 | [Ww][Ii][Nn]32/ 27 | [Aa][Rr][Mm]/ 28 | [Aa][Rr][Mm]64/ 29 | bld/ 30 | [Bb]in/ 31 | [Oo]bj/ 32 | [Ll]og/ 33 | [Ll]ogs/ 34 | 35 | # Visual Studio 2015/2017 cache/options directory 36 | .vs/ 37 | # Uncomment if you have tasks that create the project's static files in wwwroot 38 | #wwwroot/ 39 | 40 | # Visual Studio 2017 auto generated files 41 | Generated\ Files/ 42 | 43 | # MSTest test Results 44 | [Tt]est[Rr]esult*/ 45 | [Bb]uild[Ll]og.* 46 | 47 | # NUnit 48 | *.VisualState.xml 49 | TestResult.xml 50 | nunit-*.xml 51 | 52 | # Build Results of an ATL Project 53 | [Dd]ebugPS/ 54 | [Rr]eleasePS/ 55 | dlldata.c 56 | 57 | # Benchmark Results 58 | BenchmarkDotNet.Artifacts/ 59 | 60 | # .NET Core 61 | project.lock.json 62 | project.fragment.lock.json 63 | artifacts/ 64 | 65 | # ASP.NET Scaffolding 66 | ScaffoldingReadMe.txt 67 | 68 | # StyleCop 69 | StyleCopReport.xml 70 | 71 | # Files built by Visual Studio 72 | *_i.c 73 | *_p.c 74 | *_h.h 75 | *.ilk 76 | *.meta 77 | *.obj 78 | *.iobj 79 | *.pch 80 | *.pdb 81 | *.ipdb 82 | *.pgc 83 | *.pgd 84 | *.rsp 85 | *.sbr 86 | *.tlb 87 | *.tli 88 | *.tlh 89 | *.tmp 90 | *.tmp_proj 91 | *_wpftmp.csproj 92 | *.log 93 | *.tlog 94 | *.vspscc 95 | *.vssscc 96 | .builds 97 | *.pidb 98 | *.svclog 99 | *.scc 100 | 101 | # Chutzpah Test files 102 | _Chutzpah* 103 | 104 | # Visual C++ cache files 105 | ipch/ 106 | *.aps 107 | *.ncb 108 | *.opendb 109 | *.opensdf 110 | *.sdf 111 | *.cachefile 112 | *.VC.db 113 | *.VC.VC.opendb 114 | 115 | # Visual Studio profiler 116 | *.psess 117 | *.vsp 118 | *.vspx 119 | *.sap 120 | 121 | # Visual Studio Trace Files 122 | *.e2e 123 | 124 | # TFS 2012 Local Workspace 125 | $tf/ 126 | 127 | # Guidance Automation Toolkit 128 | *.gpState 129 | 130 | # ReSharper is a .NET coding add-in 131 | _ReSharper*/ 132 | *.[Rr]e[Ss]harper 133 | *.DotSettings.user 134 | 135 | # TeamCity is a build add-in 136 | _TeamCity* 137 | 138 | # DotCover is a Code Coverage Tool 139 | *.dotCover 140 | 141 | # AxoCover is a Code Coverage Tool 142 | .axoCover/* 143 | !.axoCover/settings.json 144 | 145 | # Coverlet is a free, cross platform Code Coverage Tool 146 | coverage*.json 147 | coverage*.xml 148 | coverage*.info 149 | 150 | # Visual Studio code coverage results 151 | *.coverage 152 | *.coveragexml 153 | 154 | # NCrunch 155 | _NCrunch_* 156 | .*crunch*.local.xml 157 | nCrunchTemp_* 158 | 159 | # MightyMoose 160 | *.mm.* 161 | AutoTest.Net/ 162 | 163 | # Web workbench (sass) 164 | .sass-cache/ 165 | 166 | # Installshield output folder 167 | [Ee]xpress/ 168 | 169 | # DocProject is a documentation generator add-in 170 | DocProject/buildhelp/ 171 | DocProject/Help/*.HxT 172 | DocProject/Help/*.HxC 173 | DocProject/Help/*.hhc 174 | DocProject/Help/*.hhk 175 | DocProject/Help/*.hhp 176 | DocProject/Help/Html2 177 | DocProject/Help/html 178 | 179 | # Click-Once directory 180 | publish/ 181 | 182 | # Publish Web Output 183 | *.[Pp]ublish.xml 184 | *.azurePubxml 185 | # Note: Comment the next line if you want to checkin your web deploy settings, 186 | # but database connection strings (with potential passwords) will be unencrypted 187 | *.pubxml 188 | *.publishproj 189 | 190 | # Microsoft Azure Web App publish settings. Comment the next line if you want to 191 | # checkin your Azure Web App publish settings, but sensitive information contained 192 | # in these scripts will be unencrypted 193 | PublishScripts/ 194 | 195 | # NuGet Packages 196 | *.nupkg 197 | # NuGet Symbol Packages 198 | *.snupkg 199 | # The packages folder can be ignored because of Package Restore 200 | **/[Pp]ackages/* 201 | # except build/, which is used as an MSBuild target. 202 | !**/[Pp]ackages/build/ 203 | # Uncomment if necessary however generally it will be regenerated when needed 204 | #!**/[Pp]ackages/repositories.config 205 | # NuGet v3's project.json files produces more ignorable files 206 | *.nuget.props 207 | *.nuget.targets 208 | 209 | # Microsoft Azure Build Output 210 | csx/ 211 | *.build.csdef 212 | 213 | # Microsoft Azure Emulator 214 | ecf/ 215 | rcf/ 216 | 217 | # Windows Store app package directories and files 218 | AppPackages/ 219 | BundleArtifacts/ 220 | Package.StoreAssociation.xml 221 | _pkginfo.txt 222 | *.appx 223 | *.appxbundle 224 | *.appxupload 225 | 226 | # Visual Studio cache files 227 | # files ending in .cache can be ignored 228 | *.[Cc]ache 229 | # but keep track of directories ending in .cache 230 | !?*.[Cc]ache/ 231 | 232 | # Others 233 | ClientBin/ 234 | ~$* 235 | *~ 236 | *.dbmdl 237 | *.dbproj.schemaview 238 | *.jfm 239 | *.pfx 240 | *.publishsettings 241 | orleans.codegen.cs 242 | 243 | # Including strong name files can present a security risk 244 | # (https://github.com/github/gitignore/pull/2483#issue-259490424) 245 | #*.snk 246 | 247 | # Since there are multiple workflows, uncomment next line to ignore bower_components 248 | # (https://github.com/github/gitignore/pull/1529#issuecomment-104372622) 249 | #bower_components/ 250 | 251 | # RIA/Silverlight projects 252 | Generated_Code/ 253 | 254 | # Backup & report files from converting an old project file 255 | # to a newer Visual Studio version. Backup files are not needed, 256 | # because we have git ;-) 257 | _UpgradeReport_Files/ 258 | Backup*/ 259 | UpgradeLog*.XML 260 | UpgradeLog*.htm 261 | ServiceFabricBackup/ 262 | *.rptproj.bak 263 | 264 | # SQL Server files 265 | *.mdf 266 | *.ldf 267 | *.ndf 268 | 269 | # Business Intelligence projects 270 | *.rdl.data 271 | *.bim.layout 272 | *.bim_*.settings 273 | *.rptproj.rsuser 274 | *- [Bb]ackup.rdl 275 | *- [Bb]ackup ([0-9]).rdl 276 | *- [Bb]ackup ([0-9][0-9]).rdl 277 | 278 | # Microsoft Fakes 279 | FakesAssemblies/ 280 | 281 | # GhostDoc plugin setting file 282 | *.GhostDoc.xml 283 | 284 | # Node.js Tools for Visual Studio 285 | .ntvs_analysis.dat 286 | node_modules/ 287 | 288 | # Visual Studio 6 build log 289 | *.plg 290 | 291 | # Visual Studio 6 workspace options file 292 | *.opt 293 | 294 | # Visual Studio 6 auto-generated workspace file (contains which files were open etc.) 295 | *.vbw 296 | 297 | # Visual Studio 6 auto-generated project file (contains which files were open etc.) 298 | *.vbp 299 | 300 | # Visual Studio 6 workspace and project file (working project files containing files to include in project) 301 | *.dsw 302 | *.dsp 303 | 304 | # Visual Studio 6 technical files 305 | *.ncb 306 | *.aps 307 | 308 | # Visual Studio LightSwitch build output 309 | **/*.HTMLClient/GeneratedArtifacts 310 | **/*.DesktopClient/GeneratedArtifacts 311 | **/*.DesktopClient/ModelManifest.xml 312 | **/*.Server/GeneratedArtifacts 313 | **/*.Server/ModelManifest.xml 314 | _Pvt_Extensions 315 | 316 | # Paket dependency manager 317 | .paket/paket.exe 318 | paket-files/ 319 | 320 | # FAKE - F# Make 321 | .fake/ 322 | 323 | # CodeRush personal settings 324 | .cr/personal 325 | 326 | # Python Tools for Visual Studio (PTVS) 327 | __pycache__/ 328 | *.pyc 329 | 330 | # Cake - Uncomment if you are using it 331 | # tools/** 332 | # !tools/packages.config 333 | 334 | # Tabs Studio 335 | *.tss 336 | 337 | # Telerik's JustMock configuration file 338 | *.jmconfig 339 | 340 | # BizTalk build output 341 | *.btp.cs 342 | *.btm.cs 343 | *.odx.cs 344 | *.xsd.cs 345 | 346 | # OpenCover UI analysis results 347 | OpenCover/ 348 | 349 | # Azure Stream Analytics local run output 350 | ASALocalRun/ 351 | 352 | # MSBuild Binary and Structured Log 353 | *.binlog 354 | 355 | # NVidia Nsight GPU debugger configuration file 356 | *.nvuser 357 | 358 | # MFractors (Xamarin productivity tool) working folder 359 | .mfractor/ 360 | 361 | # Local History for Visual Studio 362 | .localhistory/ 363 | 364 | # Visual Studio History (VSHistory) files 365 | .vshistory/ 366 | 367 | # BeatPulse healthcheck temp database 368 | healthchecksdb 369 | 370 | # Backup folder for Package Reference Convert tool in Visual Studio 2017 371 | MigrationBackup/ 372 | 373 | # Ionide (cross platform F# VS Code tools) working folder 374 | .ionide/ 375 | 376 | # Fody - auto-generated XML schema 377 | FodyWeavers.xsd 378 | 379 | # VS Code files for those working on multiple tools 380 | .vscode/* 381 | !.vscode/settings.json 382 | !.vscode/tasks.json 383 | !.vscode/launch.json 384 | !.vscode/extensions.json 385 | *.code-workspace 386 | 387 | # Local History for Visual Studio Code 388 | .history/ 389 | 390 | # Windows Installer files from build outputs 391 | *.cab 392 | *.msi 393 | *.msix 394 | *.msm 395 | *.msp 396 | 397 | # JetBrains Rider 398 | *.sln.iml 399 | --------------------------------------------------------------------------------