From c6b6de8934b8ba8d942374d78b9e22573a7ca303 Mon Sep 17 00:00:00 2001 From: AthiswaranVeerasekaran Date: Mon, 10 Nov 2025 10:35:40 +0530 Subject: [PATCH 1/5] 991761: Replace obsolete Class used in CSP --- .../common/EJ2_ASP.NETCORE/content-security-policy.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md index e845898604..96401b6de2 100644 --- a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md +++ b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md @@ -29,9 +29,8 @@ using System.Security.Cryptography; ... app.Use(async (context, next) => { - RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); byte[] nonceBytes = new byte[32]; - rng.GetBytes(nonceBytes); + RandomNumberGenerator.Fill(nonceBytes); string nonceValue = Convert.ToBase64String(nonceBytes); context.Items.Add("ScriptNonce", nonceValue); context.Response.Headers.Add("Content-Security-Policy", string.Format( From b69411cdfff38e4263e7289b84b32c60bdecc0ac Mon Sep 17 00:00:00 2001 From: AthiswaranVeerasekaran Date: Thu, 13 Nov 2025 15:45:11 +0530 Subject: [PATCH 2/5] 991761: Replace obsolete Class used in CSP --- .../common/EJ2_ASP.NETCORE/content-security-policy.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md index 96401b6de2..6cac6cd04b 100644 --- a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md +++ b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md @@ -8,7 +8,7 @@ publishingplatform: ##Platform_Name## documentation: ug --- -# Content Security Policy +# Content Security Policy in ASp.Net Core Content Security Policy (CSP) is a security feature implemented by web browsers to protect against attacks such as cross-site scripting (XSS) and data injection. It limits the sources from which content can be loaded on a web page. To enable strict Content Security Policy (CSP), certain browser features are disabled by default. To use Syncfusion® controls with strict CSP mode, it is essential to include the following directives: @@ -35,7 +35,7 @@ app.Use(async (context, next) => context.Items.Add("ScriptNonce", nonceValue); context.Response.Headers.Add("Content-Security-Policy", string.Format( "script-src 'self' 'nonce-{0}' https://cdn.syncfusion.com;" + - "style-src-elem 'self' 'unsafe-inline' https://cdn.syncfusion.com https://fonts.googleapis.com;" + + "style-src-elem 'self' 'nonce-{0}' https://cdn.syncfusion.com https://fonts.googleapis.com;" + "font-src 'self' data: https://fonts.gstatic.com;" + "object-src 'none';", nonceValue)); await next(); From 1fba9e797940257dba89cfc0ae764106ef01f0dd Mon Sep 17 00:00:00 2001 From: AthiswaranVeerasekaran Date: Thu, 13 Nov 2025 15:57:04 +0530 Subject: [PATCH 3/5] 991761: Replace obsolete Class used in CSP --- .../common/EJ2_ASP.NETCORE/content-security-policy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md index 6cac6cd04b..270b9dcf48 100644 --- a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md +++ b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md @@ -8,7 +8,7 @@ publishingplatform: ##Platform_Name## documentation: ug --- -# Content Security Policy in ASp.Net Core +# Content Security Policy in ASP.NET Core Content Security Policy (CSP) is a security feature implemented by web browsers to protect against attacks such as cross-site scripting (XSS) and data injection. It limits the sources from which content can be loaded on a web page. To enable strict Content Security Policy (CSP), certain browser features are disabled by default. To use Syncfusion® controls with strict CSP mode, it is essential to include the following directives: From 0b092c60314abeab9059a91ac326b2f3bcb74985 Mon Sep 17 00:00:00 2001 From: AthiswaranVeerasekaran Date: Thu, 13 Nov 2025 16:36:52 +0530 Subject: [PATCH 4/5] 991761: Replace obsolete Class used in CSP --- .../common/EJ2_ASP.NETCORE/content-security-policy.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md index 270b9dcf48..1277e42aac 100644 --- a/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md +++ b/ej2-asp-core-mvc/common/EJ2_ASP.NETCORE/content-security-policy.md @@ -32,7 +32,7 @@ app.Use(async (context, next) => byte[] nonceBytes = new byte[32]; RandomNumberGenerator.Fill(nonceBytes); string nonceValue = Convert.ToBase64String(nonceBytes); - context.Items.Add("ScriptNonce", nonceValue); + context.Items.Add("Nonce", nonceValue); context.Response.Headers.Add("Content-Security-Policy", string.Format( "script-src 'self' 'nonce-{0}' https://cdn.syncfusion.com;" + "style-src-elem 'self' 'nonce-{0}' https://cdn.syncfusion.com https://fonts.googleapis.com;" + @@ -51,8 +51,10 @@ app.Use(async (context, next) => {% highlight c# tabtitle="~/_Layout.cshtml" %} ... + + - + {% endhighlight %} {% endtabs %} @@ -64,7 +66,7 @@ app.Use(async (context, next) => ... - + {% endhighlight %} {% endtabs %} From 464c6d1914779fcf64360ed4b36796a8f7fe24a4 Mon Sep 17 00:00:00 2001 From: MuthukumarK <33709971+kmuthukumarmkm@users.noreply.github.com> Date: Thu, 13 Nov 2025 16:53:38 +0530 Subject: [PATCH 5/5] 00000: Update net 10 related changes --- ej2-asp-core-mvc/EJ2_ASP.NETCORE/system-requirements.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/ej2-asp-core-mvc/EJ2_ASP.NETCORE/system-requirements.md b/ej2-asp-core-mvc/EJ2_ASP.NETCORE/system-requirements.md index f433cfafa1..6ad654c4e6 100644 --- a/ej2-asp-core-mvc/EJ2_ASP.NETCORE/system-requirements.md +++ b/ej2-asp-core-mvc/EJ2_ASP.NETCORE/system-requirements.md @@ -16,7 +16,8 @@ To get started with ASP.NET Core application, ensure the following software to b ASP.NET Core Applications can be developed using one of the following IDEs. You can also develop using [.NET CLI](https://docs.microsoft.com/en-us/dotnet/core/tools/) without below IDEs. -* [Visual Studio 2022](https://visualstudio.microsoft.com/vs/) +* [Visual Studio 2026](https://visualstudio.microsoft.com/downloads/#visual-studio-professional-2026) +* [Visual Studio 2022](https://visualstudio.microsoft.com/vs/older-downloads/#visual-studio-2022-and-other-products) * [Visual Studio 2019](https://visualstudio.microsoft.com/vs/older-downloads/) * [Visual Studio Code](https://code.visualstudio.com/) @@ -24,13 +25,15 @@ ASP.NET Core Applications can be developed using one of the following IDEs. You One of the the following .NET SDK is required to develop and run the Syncfusion® UI controls for ASP.NET Core application. +* [.NET 10.0 SDK](https://dotnet.microsoft.com/en-us/download/dotnet/10.0) * [.NET 9.0 SDK](https://dotnet.microsoft.com/en-us/download/dotnet/9.0) * [.NET 8.0 SDK](https://dotnet.microsoft.com/en-us/download/dotnet/8.0) * [.NET Core SDK 3.1](https://dotnet.microsoft.com/en-us/download/dotnet/3.1) * [.NET Core SDK 2.0](https://dotnet.microsoft.com/en-us/download/dotnet/2.0) If you are planning to use Visual Studio to develop ASP.NET Core Applications. +* .NET 10.0 requires Visual Studio 2026 18.0.0 or later. * .NET 9.0 requires Visual Studio 2022 17.12.0 or later. * .NET 8.0 requires Visual Studio 2022 17.8.0 or later. * .NET Core SDK 3.1 requires Visual Studio 2019 16.4 or later. -* .NET Core SDK 2.0 requires Visual Studio 2017 15.7 or later. \ No newline at end of file +* .NET Core SDK 2.0 requires Visual Studio 2017 15.7 or later.