Consider adding a way to use strict comparison for routes matching

[kevinchalet]

http://stackoverflow.com/questions/42048770/asp-net-core-openiddict-throws-an-openid-connect-response-cannot-be-returned-fr

Consider this action:

[HttpPost("~/path")]
public IActionResult Test() => Empty();

Oddly, either the routing stack or MVC seems to consider /path/ requests as valid candidates for this route/action, which is incorrect as /path and /path/ are two different addresses.

Is there any particular reason for this (abusive) normalization?

/cc @Eilon @rynowak

[kevinchalet]

Is there any particular reason for this (abusive) normalization?

After some research, it looks like it matches what ASP.NET MVC and Web API used to do (but not WCF Web API, AFAICT), so I guess it's one of those "by design" decisions.

Unfortunately, this behavior makes the routing stack pretty much inconsistent with the rest of ASP.NET Core, where path comparisons take the trailing slash into account (e.g all the security middleware).

Since changing this behavior at this point is very unlikely, would you consider adding new semantics to enable strict comparisons? E.g:

[HttpPost("~/path", StrictMatching = true)]
public IActionResult Test() => Empty();

[Eilon]

This issue was moved to aspnet/Routing#380