Skip to content

Customizable security descriptors for HTTP.sys #35595

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tdykstra merged 10 commits into from
Jun 10, 2025
Merged

Customizable security descriptors for HTTP.sys #35595

tdykstra merged 10 commits into from
Jun 10, 2025

Conversation

@tdykstra
Copy link
Contributor

@tdykstra tdykstra commented Jun 9, 2025
edited
Loading

Fixes #35569

This is just the what's new update; the update of the article in the servers section of the TOC will be next

Internal previews

📄 File 🔗 Preview link
aspnetcore/release-notes/aspnetcore-10.0.md What's new in ASP.NET Core in .NET 10

@tdykstra tdykstra marked this pull request as ready for review June 9, 2025 19:11
@tdykstra tdykstra requested a review from Copilot June 9, 2025 19:11
Copilot AI reviewed Jun 9, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Adds documentation for the new HTTP.sys feature that allows customizing request-queue security descriptors and integrates it into the ASP.NET Core .NET 10 release notes.

  • Introduces a new httpsys.md include with an overview and example code for the RequestQueueSecurityDescriptor option.
  • Updates aspnetcore-10.0.md to include the new httpsys documentation and add a related content link.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
includes/httpsys.md New include describing the customizable HTTP.sys security API
aspnetcore-10.0.md Added httpsys.md include and updated the Related content link
Comments suppressed due to low confidence (2)

aspnetcore/release-notes/aspnetcore-10/includes/httpsys.md:4

  • Use an xref link for the RequestQueueSecurityDescriptor API instead of a raw source.dot.net URL to maintain consistency with other references.
You can now specify a custom security descriptor for HTTP.sys request queues. The new [RequestQueueSecurityDescriptor](https://source.dot.net/#Microsoft.AspNetCore.Server.HttpSys/HttpSysOptions.cs,a556950881fd2d87) property on <xref:Microsoft.AspNetCore.Server.HttpSys.HttpSysOptions> enables more granular control over access rights for the request queue.

aspnetcore/release-notes/aspnetcore-10.0.md:120

  • Format the related content entry as a list item (e.g., prefix with -) for consistency with other sections.
<xref:fundamentals/servers/httpsys>

@tdykstra tdykstra requested a review from wadepickett June 9, 2025 19:16
@tdykstra tdykstra requested a review from BrennanConroy June 9, 2025 23:06
@tdykstra tdykstra merged commit cb9bd1d into dotnet:main Jun 10, 2025
3 checks passed
wadepickett
wadepickett reviewed Jun 10, 2025
View reviewed changes
Copy link
Contributor

@wadepickett wadepickett left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great Tom.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wadepickett wadepickett wadepickett left review comments

Copilot code review Copilot Copilot left review comments

@BrennanConroy BrennanConroy BrennanConroy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Custom Security Descriptors for HTTP.sys in WN 10.P5

3 participants

@tdykstra @BrennanConroy @wadepickett