Skip to content

.NET: Prefer HTTPS Aspire DevUI backends#6772

Merged
westey-m merged 1 commit into
microsoft:mainfrom
tommasodotNET:tommasodotnet-fix-aspire-devui-integration
Jun 26, 2026
Merged

.NET: Prefer HTTPS Aspire DevUI backends#6772
westey-m merged 1 commit into
microsoft:mainfrom
tommasodotNET:tommasodotnet-fix-aspire-devui-integration

Conversation

@tommasodotNET

Copy link
Copy Markdown
Contributor

Motivation & Context

Aspire DevUI integration currently resolves agent service backends through the hard-coded HTTP endpoint. When an agent service enables HTTPS redirection, the DevUI proxy forwards the redirect response back to the browser, which bypasses the DevUI prefix routing and breaks requests to the backend.

This change lets the DevUI integration work with agent services that expose both HTTP and HTTPS endpoints and use HTTPS redirection.

Description & Review Guide

  • What are the major changes?
    • DevUI backend resolution now prefers an allocated https endpoint and falls back to http for existing services.
    • Added unit tests covering HTTPS preference, HTTP fallback when HTTPS is missing, and HTTP fallback when HTTPS exists but is not allocated.
    • Updated the DevUI Aspire integration sample so WriterAgent launches with an HTTPS profile and uses HTTPS redirection, providing a manual test path for this scenario.
  • What is the impact of these changes?
    • Agent services configured with HTTPS redirection can be used through Aspire DevUI without leaking raw redirect responses to the browser.
    • Existing HTTP-only agent services continue to work through the fallback behavior.
  • What do you want reviewers to focus on?
    • Whether preferring https over http is the right default for DevUI backend resolution, and whether the sample is a useful enough regression scenario for manual validation.

Related Issue

Fixes #6769

No other open PR was found for this issue.

Contribution Checklist

  • The code builds clean without any errors or warnings
  • All unit tests pass, and I have added new tests where possible
  • The PR follows the Contribution Guidelines
  • This PR is linked to an issue and there is no other open PR for this issue (see Related Issue above).
  • This is not a breaking change. If it is a breaking change, add the breaking change label (or add "[BREAKING]" to the title prefix, before or after any language prefix) — a workflow keeps the label and title prefix in sync automatically.

Prefer allocated HTTPS endpoints when resolving Aspire DevUI backends and fall back to HTTP for existing services. Update the DevUI Aspire sample so WriterAgent exercises HTTPS redirection.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings June 26, 2026 16:16
@moonbox3 moonbox3 added documentation Usage: [Issues, PRs], Target: documentation in the code base and learn docs .NET Usage: [Issues, PRs], Target: .Net labels Jun 26, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes Aspire DevUI proxying for agent backends that enable UseHttpsRedirection() by updating backend URL resolution to prefer an allocated HTTPS endpoint (falling back to HTTP), preventing redirect responses from leaking to the browser and bypassing DevUI prefix routing.

Changes:

  • Updated DevUI backend resolution to prefer https then fall back to http, only using allocated endpoints.
  • Added unit tests for HTTPS preference and HTTP fallback scenarios (missing/unallocated HTTPS).
  • Updated the DevUI Aspire integration sample to launch WriterAgent with an HTTPS profile and enable HTTPS redirection for manual verification.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file
File Description
dotnet/tests/Aspire.Hosting.AgentFramework.DevUI.UnitTests/DevUIAggregatorHostedServiceTests.cs Adds coverage for backend endpoint selection (HTTPS preferred; HTTP fallback).
dotnet/src/Aspire.Hosting.AgentFramework.DevUI/DevUIAggregatorHostedService.cs Implements preferred endpoint selection (httpshttp) and exposes resolution for testing.
dotnet/samples/05-end-to-end/DevUIAspireIntegration/WriterAgent/Properties/launchSettings.json Adds an https launch profile that exposes both HTTPS and HTTP URLs.
dotnet/samples/05-end-to-end/DevUIAspireIntegration/WriterAgent/Program.cs Enables UseHttpsRedirection() to reproduce and validate the redirect scenario.
dotnet/samples/05-end-to-end/DevUIAspireIntegration/README.md Documents that the sample’s WriterAgent uses HTTPS redirection for DevUI validation.
dotnet/samples/05-end-to-end/DevUIAspireIntegration/DevUIIntegration.AppHost/Program.cs Launches WriterAgent via the https profile and targets the HTTPS endpoint for health checks.

@tommasodotNET tommasodotNET marked this pull request as ready for review June 26, 2026 16:21
@westey-m westey-m added this pull request to the merge queue Jun 26, 2026
Merged via the queue into microsoft:main with commit daac8c1 Jun 26, 2026
36 checks passed
@tommasodotNET tommasodotNET deleted the tommasodotnet-fix-aspire-devui-integration branch June 26, 2026 19:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Usage: [Issues, PRs], Target: documentation in the code base and learn docs .NET Usage: [Issues, PRs], Target: .Net

Projects

None yet

Development

Successfully merging this pull request may close these issues.

.NET: [Bug]: Aspire DevUI does not work for the agent server with HttpsRedirection

5 participants