fix(middleware): move UseCors() before MapControllers(), add inline docs (#451)#462
fix(middleware): move UseCors() before MapControllers(), add inline docs (#451)#462nanotaboada merged 2 commits intomasterfrom
UseCors() before MapControllers(), add inline docs (#451)#462Conversation
…ocs (#451) Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
✅ Files skipped from review due to trivial changes (1)
🚧 Files skipped from review as they are similar to previous changes (1)
WalkthroughReorders middleware and service-registration sections in Program.cs: moves CORS to run before controllers, maps health checks with rate-limiting disabled, and separates an Infrastructure registration block; updates AddCorsDefaultPolicy docs to state permissive CORS applies only in Development and documents middleware ordering in comments. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant Client as Client
participant App as ASP.NET Core App
participant CORS as CORS Middleware
participant RL as Rate Limiter
participant HC as HealthChecks Endpoint
participant Ctrl as Controllers
Client->>App: HTTP request to /health
App->>HC: Route to /health endpoint
HC-->>App: Health checks response (bypasses Rate Limiter)
App-->>Client: 200 OK
Client->>App: HTTP request to /api/...
App->>CORS: Apply CORS policy (Dev-only permissive)
CORS-->>App: CORS decisions
App->>RL: Rate limiting
RL-->>App: Allow / Throttle
App->>Ctrl: Invoke controller endpoint
Ctrl-->>App: Response
App-->>Client: Response
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Assessment against linked issues
Possibly related PRs
🚥 Pre-merge checks | ✅ 1 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (1 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
UseCors() before MapControllers(), add inline docs (#451)
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@src/Dotnet.Samples.AspNetCore.WebApi/Program.cs`:
- Around line 92-100: The health-check endpoint is mapped but not exempted from
the global rate limiter; update the MapHealthChecks call to disable rate
limiting for that endpoint (e.g., call
app.MapHealthChecks("/health").DisableRateLimiting() or apply
DisableRateLimiting metadata) so the health probe truly "always succeed
regardless of rate-limiting thresholds"; ensure the
Microsoft.AspNetCore.RateLimiting namespace is imported if needed and keep
app.UseRateLimiter() as-is.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 6c10da27-eac6-4730-b7ce-0fbe68ee199f
📒 Files selected for processing (3)
CHANGELOG.mdsrc/Dotnet.Samples.AspNetCore.WebApi/Extensions/ServiceCollectionExtensions.cssrc/Dotnet.Samples.AspNetCore.WebApi/Program.cs
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
0f3a810 to
4e2283b
Compare
|



Summary
UseCors()beforeMapControllers()inProgram.csto follow the standard ASP.NET Core middleware pipeline orderInfrastructureservice registration subsection separating cross-cutting concerns (health checks, CORS, rate limiting, Swagger) from theControllerssubsectionWeb Application,Database Migration,Middlewares)Program.csandServiceCollectionExtensions.AddCorsDefaultPolicyvia a<remarks>XML doc blockTest plan
dotnet build --configuration Releasepasses with 0 warningsdotnet test --settings .runsettingspasses — 41/41 testsdotnet csharpier --check .passesCloses #451
🤖 Generated with Claude Code
Summary by CodeRabbit
Bug Fixes
Documentation
Chores