CommonNetFuncs.Web.Middleware 4.0.41

.NET 10.0 This package targets .NET 10.0. The package is compatible with this framework or higher. 
dotnet add package CommonNetFuncs.Web.Middleware --version 4.0.41
                    


                    

                
NuGet\Install-Package CommonNetFuncs.Web.Middleware -Version 4.0.41
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="CommonNetFuncs.Web.Middleware" Version="4.0.41" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="CommonNetFuncs.Web.Middleware" Version="4.0.41" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="CommonNetFuncs.Web.Middleware" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add CommonNetFuncs.Web.Middleware --version 4.0.41
                    


                    

                
#r "nuget: CommonNetFuncs.Web.Middleware, 4.0.41"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package CommonNetFuncs.Web.Middleware@4.0.41
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=CommonNetFuncs.Web.Middleware&version=4.0.41
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=CommonNetFuncs.Web.Middleware&version=4.0.41
                    


                            Install as a Cake Tool

CommonNetFuncs.Web.Middleware

License NuGet Version nuget

This project contains a collection of ASP.NET Core middleware components and endpoint filters covering response logging, caching, CORS, XSRF protection, custom headers, and JSON Patch support.

Contents

JSON Patch Middleware

Bridges the gap between JSON Patch requests (Content-Type: application/json-patch+json) and minimal API endpoints that accept JsonPatchDocument<T> parameters.

The minimal API parameter-binding pipeline uses System.Text.Json, which does not natively understand the JsonPatchDocument<T> wire format (a JSON array of operations) defined by Newtonsoft.Json. JsonPatchDocumentConverterFactory and JsonPatchDocumentConverter<T> bridge the two serializers: STJ captures the raw JSON and hands it to Newtonsoft.Json, which correctly constructs the document and strongly-types each operation's value field. Without this, complex object values in patch operations are left as JsonElement and fail when the patch is applied.

JsonPatchRequestMiddleware additionally normalizes the Content-Type header from application/json-patch+json to application/json as an explicit safety net, since some hosts or proxies may strip or alter structured-syntax suffixes.

JSON Patch Middleware Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

Program.cs — registering the middleware and STJ converter

Call UseJsonPatchRequestBody() early in the pipeline, before routing, so the Content-Type rewrite occurs before parameter binding reads the request body. Register JsonPatchDocumentConverterFactory in the JSON serializer options so that JsonPatchDocument<T> parameters are deserialized correctly.

using CommonNetFuncs.Web.Middleware;
using Microsoft.AspNetCore.JsonPatch;

WebApplicationBuilder builder = WebApplication.CreateBuilder(args);

builder.Services.ConfigureHttpJsonOptions(o =>
{
    o.SerializerOptions.Converters.Add(new JsonPatchDocumentConverterFactory());
});

// Also add to MVC JSON options if using controllers
builder.Services.AddControllers().AddJsonOptions(o =>
{
    o.JsonSerializerOptions.Converters.Add(new JsonPatchDocumentConverterFactory());
});

WebApplication app = builder.Build();

// Must be before UseRouting / MapXxx calls
app.UseJsonPatchRequestBody();

app.UseRouting();

app.MapPatch("/api/items/{id}", (int id, JsonPatchDocument<Item> patch) =>
{
    Item item = GetItemById(id); // retrieve your entity
    patch.ApplyTo(item);
    return Results.Ok(item);
});

app.Run();
Sending a JSON Patch request
PATCH /api/items/1 HTTP/1.1
Content-Type: application/json-patch+json

[
  { "op": "replace", "path": "/name", "value": "Updated Name" },
  { "op": "replace", "path": "/price", "value": 9.99 }
]

</details>

MemoryCacheMiddleware

An in-process response cache backed by IMemoryCache. When a request includes the useCache=true query parameter the response is stored after the first successful (HTTP 200) call and served from memory on subsequent requests, bypassing the rest of the pipeline entirely. Cached entries can be associated with string tags and invalidated individually or by tag via the evict=true query parameter. Optional gzip/deflate compression reduces the in-memory footprint of large payloads. An optional CacheMetrics object can be injected to track hits, misses, evictions, and total cache size.

MemoryCacheMiddleware Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

UseMemoryCache
using CommonNetFuncs.Web.Common.CachingSupportClasses;
using CommonNetFuncs.Web.Middleware.CachingMiddleware;

WebApplicationBuilder builder = WebApplication.CreateBuilder(args);

builder.Services.AddMemoryCache(o => o.SizeLimit = 500 * 1024 * 1024); // 500 MB hard limit enforced by IMemoryCache
builder.Services.AddSingleton<CacheMetrics>();   // optional metrics tracking
builder.Services.AddSingleton<CacheTracker>();

CacheOptions cacheOptions = new()
{
    DefaultCacheDuration = TimeSpan.FromMinutes(5),
    MaxCacheSizeInBytes = 400 * 1024 * 1024, // soft limit — evicts oldest entries when exceeded
    UseCompression = true,
    CompressionType = ECompressionType.Gzip,
    HeadersToCache = ["Content-Type", "Content-Encoding"],
};

WebApplication app = builder.Build();

app.UseMemoryCache(cacheOptions); // register before routing

app.MapGet("/data", () => Results.Ok(GetExpensiveData()));

app.Run();
Cache query parameters
Parameter Effect
useCache=true Serve from cache or populate cache on first call
evict=true Remove the matching cache entry before executing the request
evictTag=<tag> Remove all entries associated with the given tag
cacheSeconds=<n> Override default duration (seconds)
cacheMinutes=<n> Override default duration (minutes)
cacheHours=<n> Override default duration (hours)

</details>

OptionsMiddleware

Handles HTTP OPTIONS preflight requests for CORS and attaches Access-Control-* response headers to all other requests that carry an Origin header. Configurable allowed origins, headers, methods, credentials, and max-age.

OptionsMiddleware Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

UseOptions
using CommonNetFuncs.Web.Middleware;

WebApplication app = builder.Build();

app.UseOptions(
    defaultAllowedOrigin: "https://example.com",
    allowedHeaders: ["Content-Type", "Authorization", "X-XSRF-TOKEN"],
    allowedMethods: ["GET", "POST", "PUT", "PATCH", "DELETE"],
    allowCredentials: true,
    maxAge: 3600
);

</details>

UseCustomHeadersMiddleware

Adds or removes HTTP response headers on every response. Useful for injecting security headers or stripping server-identifying headers.

UseCustomHeadersMiddleware Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

UseCustomHeaders
using CommonNetFuncs.Web.Middleware;

WebApplication app = builder.Build();

app.UseCustomHeaders(
    addHeaders: new Dictionary<string, string>
    {
        { "X-Frame-Options", "DENY" },
        { "X-Content-Type-Options", "nosniff" },
    },
    removeHeaders: ["Server", "X-Powered-By"]
);

</details>

UseResponseLoggingEndpointFilter

An IEndpointFilter for minimal API endpoints that emits a Warning log when an endpoint's total execution time exceeds a configurable threshold. Apply it per-endpoint or to a route group.

UseResponseLoggingEndpointFilter Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

Program.cs setup

Register IResponseLoggingConfig and apply the filter to a route group or individual endpoints.

using CommonNetFuncs.Web.Middleware;

WebApplicationBuilder builder = WebApplication.CreateBuilder(args);

builder.Services.AddSingleton<IResponseLoggingConfig>(new ResponseLoggingConfig { ThresholdInSeconds = 2.0 });
builder.Services.AddSingleton<UseResponseLoggingEndpointFilter>();

WebApplication app = builder.Build();

// Apply to all endpoints in a group
RouteGroupBuilder api = app.MapGroup("/api")
    .AddEndpointFilter<UseResponseLoggingEndpointFilter>();

api.MapGet("/slow", async () =>
{
    await Task.Delay(3000);
    return Results.Ok("done");
});

app.Run();
// Warning logged: "Endpoint GET /api/slow took 00:00:03.0123456 to complete with status code: 200"

</details>

UseResponseLoggingFilter

An MVC IActionFilter that emits a Warning log when a controller action's execution time exceeds a configurable threshold. Register it as a global MVC filter.

UseResponseLoggingFilter Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

Program.cs setup
using CommonNetFuncs.Web.Middleware;

WebApplicationBuilder builder = WebApplication.CreateBuilder(args);

builder.Services.AddSingleton<IResponseLoggingConfig>(new ResponseLoggingConfig { ThresholdInSeconds = 2.0 });

builder.Services.AddControllers(options =>
{
    options.Filters.Add<UseResponseLoggingFilter>();
});

</details>

UseResponseSizeLoggingMiddleware

Wraps the response body stream in a counting stream to measure the number of bytes written. Emits a Warning log when the response exceeds a configurable byte threshold. Intended for development and staging environments to detect unexpectedly large responses.

UseResponseSizeLoggingMiddleware Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

UseResponseSizeLogging
using CommonNetFuncs.Web.Middleware;

WebApplication app = builder.Build();

// Log a warning whenever a response exceeds 1 MB
app.UseResponseSizeLogging(logThreshold: 1 * 1024 * 1024);

</details>

UseXsrfTokenMiddleware

Generates an anti-forgery token on every request and writes it to an XSRF-TOKEN cookie, enabling client-side frameworks (Angular, etc.) to read the token and send it back in a request header for CSRF protection.

UseXsrfTokenMiddleware Usage Examples

<details> <summary><h3>Usage Examples</h3></summary>

UseXsrfToken
using CommonNetFuncs.Web.Middleware;

WebApplicationBuilder builder = WebApplication.CreateBuilder(args);
builder.Services.AddAntiforgery();

WebApplication app = builder.Build();

// httpOnly: false — the cookie must be readable by JavaScript (required for SPA frameworks)
app.UseXsrfToken(httpOnly: false);

</details>

Installation

Install via NuGet:

dotnet add package CommonNetFuncs.Web.Middleware

License

This project is licensed under the MIT License - see the LICENSE file for details.

Product Compatible and additional computed target framework versions.
.NET net10.0 is compatible.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last Updated
4.0.41 0 5/11/2026
4.0.40 0 5/10/2026
4.0.39 0 5/10/2026
4.0.37 37 5/9/2026
4.0.36 34 5/8/2026
4.0.31 109 4/21/2026
4.0.29 97 4/20/2026
4.0.28 92 4/19/2026
4.0.25 107 4/3/2026
4.0.17 110 2/23/2026
4.0.15 117 2/8/2026
4.0.14 115 2/7/2026
4.0.12 110 2/3/2026
4.0.10 120 1/24/2026
4.0.9 120 1/12/2026
3.8.42 111 3/5/2026
3.8.38 103 2/24/2026
3.8.33 118 2/2/2026
3.8.32 115 2/2/2026
Loading failed