HttpClient and Delegating Handlers in .Net Core

The purpose of the article here is to quickly show some code for:

Registering a HttpClient with Net Core DI

Configure the HttpClient

Add a DelegatingHandler to a HttpClient

Use Net Code DI to provide a HttpClient to a consumer

HttpClient issues in .NetFramework

System.Net.Http.HttpClient is a class that can be used to send Http Requests and receive Http Responses.

In .NetFramework applications, there are a couple of pitfalls around using HttpClient.

Disposing of HttpClients does not (always) result in its connections being cleaned up properly. Since network connections are resources of the underlying operating system, they are not managed by the .NET Framework. Heavy use of HttpClient can result in connection starvation on the applications host machine.

This is detailed in the article YOU'RE USING HTTPCLIENT WRONG AND IT IS DESTABILIZING YOUR SOFTWARE

To mitigate this issue, HttpClient is often created as a singleton and shared throughout an application. This leads to the second issue, where HttpClient does not respect DNS changes and consequently fails when an endpoint moves to another IP address (such as in a failover scenario)

.Net Core HttpClientFactory to the rescue

.Net Core provides a HttpClientFactory which manages and pools HttpClientMessageHandlers to avoid the DNS and connection starvation issues.

Its also a central place for naming and configuring HttpClient instances

HttpClientFactory also enables you to configure the pipeline of message handlers that HttpClient uses, which can enable you to do all sorts of fancy things, for example:

Log Requests

Adding Headers

Blocking Certain Requests

Mocking for Unit Testing

Generally, you will use the HttpClientFactory middleware to configure your HttpClients at startup, where you are also wiring up your dependencies. When you are ready to use a HttpClient, you get an instance of IHttpClientFactory and call CreateClient on it to return you an instance of HttpClient.

In the following code snippets, I show one way you might configure a HttpClient, and include a logging message handler to log each request / response.

(It should be noted that System.Net.Http has a built in LoggingMessageHandler that can be used in HttpClient, but its just to illustrate how to add an arbritraty MessageHandler

In the following gist, we create a ServiceCollection, add some simple logging, register our HttpMessageHandlers, register a HttpClient and finally retrieve the HttpClient from IServiceProvider and use it make a HttpRequest.

RegisterHttpMessageHandlers and RegisterHttpClient are extension methods that I have defined elsewhere (and they are included below in the next gist)

https://gist.github.com/systemundertestcode/11476be44a4144c4253957223c84d089

RegisterHttpMessageHandlers registers a LoggingHandler on the ServiceCollection and takes a lambda for resolving an ILogger.

RegisterHttpClient registers a HttpClient using the AddHttpClient extension from System.Net.Http, and adds a DelegateHandler to HttpClient via the resolveLoggingHttpMessageHandler delegate

https://gist.github.com/systemundertestcode/10ad8173779e5f5dcc6d60c149ca9b03

The next gist has the LoggingHandler. It inherits from DelegatingHandler and so it can be added to the request / response pipeline of an HttpClient.

You can see this LoggingHandler being added in RegisterHttpClient

.AddHttpMessageHandler(resolveLoggingHttpMessageHandler);

https://gist.github.com/systemundertestcode/ed4fda1fdc8c16c5eb74c80cfcd5ecd9

To sum up:

Net Core provides a HttpClientFactory, that can be used to configure and create HttpClients that can be injected via DI into your services. The factory pools and manages HttpClients underlying Message Handlers, so that it is not susceptible to the issues that it became known for in .NetFramework.

Crystal Reports - Freezing

Who doesn’t love working with Crystal Reports?

Recently came across an issue with Crystal Reports 11.5 where it appeared to be freezing when opening the Database Expert.

You click Database menu -> Database expert and you expect to see the....database expert. Instead nothing. You click Database menu again and Crystal Reports appears to have frozen.

In my case, the Database Expert screen was appearing on the monitor that was no longer attached to my laptop.

Solution is to add back a monitor to the laptop, open the supplementary screens (which will appear on monitor 2) and drag them back over to monitor 1.

Nice one Crystal Reports!

Practice: Coding Game

In many skill-sets, we use practice drills to improve technique, control, speed. A musician will practice scales and patterns, a martial artist will practice Kata, a swimmer will do drills to improve parts of the stroke, but what about us developers? I’ve seen the idea of drills for developers before in sites like CodeKata but I always thought there was not much need to practice. At least not if you’re working full time in development.

The Coding Game website hosts coding challenges. You can enter online competitions where you run your code against other peoples.

There is also a practice section. In the practice section, there are a whole bevy of puzzles ranked Easy, Medium, Hard and Very Hard.

I’ve been working through the easy puzzles. They are all do-able, but I wouldn’t let the ‘easy’ tag put you off, even the easy ones take a little bit of time to figure out and get right.

The puzzles usually present some back story like ‘Batman is looking for the Joker’ or ‘program the gun turrets on the dock in The Matrix’. The back stories do add a little bit of fun to the challenge. All of the challenges I’ve done so far, boil down to some computer science 101 algorithm: Binary Search, Hash Table, Sorting Lists etc.

The coding challenge usually go like the following:

Read in the data description

Establish array, list or other set of the correct size and dimensions to store the incoming data

Run a loop reading in more data

Calculate the output according to the challenge

Write the output to standard out.

Each puzzle comes with a set of tests of different inputs to test your algorithm and there are additional unseen tests when you submit your code for scoring to discourage hard coding the answers.

Sometimes, you will have to take the performance of your algorithm into account in order to pass some of these tests. For example, one of the tests may be a very large data set and you will need to calculate the correct answer within a time limit.

In addition to all that, there will be a little video that shows, when you run your solution. It will show an animation of your results: in the Batman challenge, you will see Batman searching the building, in the Mars Lander challenge, you will see your spacecraft descending to the planet

Once you have submitted your solution, you can look at the most highly rated solutions. This is a fantastic way to learn how to improve your coding style. Yes you have passed the challenge, but have you much more code than is actually needed?

Some puzzles form part of a series. You may solve the Batman puzzle in medium, then you will find a harder variant of it in the higher difficulties.

When I started off, I was writing classes, static methods, maintaining lists and generally had 100 - 150 lines of code for these easy problems. Looking at other peoples solutions, I learned that often the challenges can be solved in the input loop. I certainly feel this has benefited me a lot as I now actively seek to cut down the number of lines of code to as few as possible. You might also pick up some new techniques, for example, a lot of the highest rated solutions in the ‘easy’ category, use Linq expressions and lambdas

The website rewards you with experience points when you complete a challenge, leveling your profile up, and recording achievements.

CodingGame is an absolutely fantastic site. Great for practicing your coding skills, measuring them against others, shaking off the mental cobwebs.

Angular Sanitize BadParse error

When rendering html, url or other security sensitive bindings, angular, by default, will parse the content in order to make it safe. If angular is not able to guarantee the safety of the content, it will throw an exception.

I ran into this behavior recently with an internal application. The application displays content from our content management system, and allows the user to edit the content. When certain contents were selected by the user, the angular app would raise an exception

‘The sanitizer was unable to parse the following block of html...’

The tried and trusted technique of searching google and stackoverflow, along with the angular documentation quickly gives the cause of the problem and the solution.

The problem, is that angular bindHtml directive cannot parse the html text it is being given, in such a way that the text can be deemed safe.

The solution can be either: fix the content ... or ‘trust’ the content

Have a look at the following gist:

https://gist.github.com/systemundertestcode/eeaf3f43e1ade74b97e7d2a8dc520dff

1. Determine what content is causing the ‘badparse’

If you examine the error in chrome developer tools, it will give you the text of the content that ngSanitize is failing to parse. This should be a useful start in determining exactly where in the application this content is being displayed (as often the stacktrace doesn’t lead directly to the location of the fail).

In this case, the bad content contains a templated url similar to  

‘sample.com?val=#{#variable1#}#&val2=#{#variable2#}#’

In my case, the ampersand symbol was causing the failure here. The $sce documentation mentions that ‘templated urls cannot be sanitized’.

2. Do you trust the content?

In my case, the content is coming from a trusted internal server. It’s not content that is created by end users and isn’t written back to the datastore for use later on ... so we can use the ‘trust’ this content. If you don’t trust the content, then  sorry, the rest of this article is probably not much help to you...

3. Create an angular filter to ‘trust’ the content

angular.module('app.filters').filter('trusted', function ($sce) { return function (html) { return $sce.trustAsHtml(html); } });

Strictly, the filter doesn’t mark the content as ‘trusted’, rather it creates a context object that the ngBindHtml directive both trusts, and knows how to render. This detail is really only important to you if you want the user to be able to edit the content.

4. Root out any other uses of the bad content

After applying the ‘trusted’ filter to the html template, I was still seeing the badParse error ?? 

Well it turned out that a number of other panels in the app were using / showing the content, so it was a matter of rooting these out and enabling the trusted filter at those points in the application.

5. What if the content is user editable?

In a little twist on this problem, the content is being used in an editable section of the application. In the snippet, you can see, we mark the div with the contentEditable attribute (this happens to be an angular directive, source for which can be found by searching), using ngBindHtml to set the content to be that returned from our CMS server (which we trust) and finally using ngModel to store the edited content. Again, we have the luxury of knowing our content comes from internal sources and is not written back with the users changes.

Dependency Injection with .NET Core

.NET Core is new to me. I’ve decided that I might learn something about it by building a small application using the technology.

The goal is to set up an application that uses Dependency Injection.

I wanted to dip the toes into Ninject. First question: Is Ninject compatible with .NET Core?  It seems that it is not yet supported, so I thought I’d revert to what I know ... Unity. It turns out Unity has been sort of dropped by Microsoft, as Core has been built from the ground up to support DI. 

A very basic overview of this support can be seen by looking at the IServiceCollection interface.

A ServiceCollection is basically a list of Interface to Concrete Type mappings. The same as you would make in any of your favorite Dependency Injection libraries.

In the example code above: we new up an instance of the ServiceCollection.

Then we register a mapping of the IHelloWorld interface to the HelloWorld concrete class.

We then call BuildServiceProvider on the service collection to return us the service provider. BuildServiceProvider is an extension method on IServiceCollection.

The service provider, has the ability to get constructed types for us.

With the hello world example above, you should see the basic steps in using the built in Dependency Injection support in Core.

The Definition of Done

It’s old news that many development teams adopt the scrum methodology to manage the software development life-cycle. 

Implementations of the process will vary in different organisations and those variations can be down to, amongst other things: 

the tools the organisation uses (Jira / Confluence / TFS etc.)

the level of experience of the development teams

tailoring the process to suit the needs of the organisation.

Usually, when you join an organisation as a developer, you will be shown the process informally (well this has been my experience). Having seen different real-life variations on the process, and having had no formal training on the scrum process itself I thought I might take a look at an online course about it.

I started watching Benjamin Days course Real World Scrum With Team Foundation Server 2013 on pluralsight. The first thing that caught my attention was the need for a ‘definition of done’. 

It resonated with me as, I could recall countless examples, both from myself and team members, where we had thought something had been done, but turns up in production incomplete.

One frequent example of this, would be that the code is released to production, but the database changes are forgotten about, or perhaps several applications need to be released at the same time.

So, the question is raised: when you are working on your backlog items, when can you say you are done? 

When the code is written and checked in?

When it is reviewed? 

When it makes it to production?

The answer is going to be different for each team and in my case, I actually had not  seen a formal ‘definition of done’ document in any of the places I have worked. I decided to create one for myself.

At first, you may not know exactly what to put in it, but that is fine, as over time you can refine the definition based on your own discoveries.

I created a spreadsheet, like the one below, that has a checklist of the typical things that need to be completed in order to say that the task is truly ‘done’

If your team doesn’t have a ‘definition of done’ document, then there is no reason not to make your own. You will be surprised at all the little things you need to remember in order to really complete your development tasks and you will benefit from the knowing more or less where your PBIs really are relative to production.

A quick glance over your checklist before your daily standup will can help refresh the status of your work in your mind.

As I am using TFS in my current role, I see that it has the option to define a definition of done. I haven’t explored the feature yet, though I am planning to do so.  For now though, I’m using the spreadsheet, and already seeing the benefits of having a ‘definition of done’.