Kestrel is a cross-platform ​web server for ASP.NET Core​. Kestrel is the web server that's included by default in ASP.

NET Core project templates.

Kestrel supports the following scenarios:
● HTTPS
● Opaque upgrade used to enable ​WebSockets
● Unix sockets for high performance behind Nginx
● HTTP/2 (except on macOS†)

A reverse proxy:
● Can limit the exposed public surface area of the apps that it hosts.
● Provide an additional layer of configuration and defense.
● Might integrate better with existing infrastructure.
● Simplify load balancing and secure communication (HTTPS) configuration. Only the reverse proxy server requires an X.509 certificate,
and that server can communicate with the app's servers on the internal network using plain HTTP.
Globalization vs Localization
Internationalization involves ​Globalization​ and ​Localization​. Globalization is the process of designing apps that support different cultures. Globalization
adds support for input, display, and output of a defined set of language scripts that relate to specific geographic areas.
Localization is the process of adapting a globalized app, which you have already processed for localizability, to a particular culture/locale. For more
information see Globalization and localization terms near the end of this document.
App localization involves the following:
1. Make the app's content localizable
2. Provide localized resources for the languages and cultures you support
3. Implement a strategy to select the language/culture for each request
What is Model binding
Controllers and Razor pages work with data that comes from HTTP requests. For example, route data may provide a record key, and posted form fields
may provide values for the properties of the model. Writing code to retrieve each of these values and convert them from strings to .NET types would be
tedious and error-prone. Model binding automates this process. The model binding system:
● Retrieves data from various sources such as route data, form fields, and query strings.
● Provides the data to controllers and Razor pages in method parameters and public properties.
● Converts string data to .NET types.
● Updates properties of complex types.
IModelBinder - For custom model binder

URL rewriting is valuable in several scenarios to:

● Move or replace server resources temporarily or permanently and maintain stable locators for those resources.
● Split request processing across different apps or across areas of one app.
● Remove, add, or reorganize URL segments on incoming requests.
● Optimize public URLs for Search Engine Optimization (SEO).
● Permit the use of friendly public URLs to help visitors predict the content returned by requesting a resource.
● Redirect insecure requests to secure endpoints.
● Prevent hotlinking, where an external site uses a hosted static asset on another site by linking the asset into its own content.
Common Cache-Control directives are shown in the following table.
Directive Action

public A cache may store the response.

private The response must not be stored by a shared cache. A private cache may store and reuse the response.

max-age The client doesn't accept a response whose age is greater than the specified number of seconds. Examples: max-age=60 (60
seconds), max-age=2592000 (1 month)

no-cache On requests: A cache must not use a stored response to satisfy the request. The origin server regenerates the response for
the client, and the middleware updates the stored response in its cache.

On responses: The response must not be used for a subsequent request without validation on the origin server.

no-store On requests: A cache must not store the request.

On responses: A cache must not store any part of the response.

Other cache headers that play a role in caching are shown in the following table.
 Header Function

Age An estimate of the amount of time in seconds since the response was generated or successfully validated at the origin server.

Expires The time after which the response is considered stale.

Pragma Exists for backwards compatibility with HTTP/1.0 caches for setting no-cache behavior. If the Cache-Control header is present,
the Pragma header is ignored.

Vary Specifies that a cached response must not be sent unless all of the Vary header fields match in both the cached response's
original request and the new request.

Caching basics
Caching can significantly improve the performance and scalability of an app by reducing the work required to generate content. Caching works best with
data that changes infrequently and is expensive to generate. Caching makes a copy of data that can be returned much faster than from the source. Apps
should be written and tested to never depend on cached data.
Cache guidelines
● Code should always have a fallback option to fetch data and not depend on a cached value being available.
● The cache uses a scarce resource, memory. Limit cache growth:
○ Do not use external input as cache keys.
○ Use expirations to limit cache growth.
○ Use SetSize, Size, and SizeLimit to limit cache size​. The ASP.NET Core runtime does not limit cache size based on memory
pressure. It's up to the developer to limit cache size.
How garbage collection (GC) works in .NET Core
The GC allocates heap segments where each segment is a contiguous range of memory. Objects placed in the heap are categorized into one of 3
generations: 0, 1, or 2. The generation determines the frequency the GC attempts to release memory on managed objects that are no longer referenced
by the app. Lower numbered generations are GC'd more frequently.
Objects are moved from one generation to another based on their lifetime. As objects live longer, they are moved into a higher generation. As mentioned
previously, higher generations are GC'd less often. Short term lived objects always remain in generation 0. For example, objects that are referenced
during the life of a web request are short lived. Application level ​singletons​ generally migrate to generation 2.
When an ASP.NET Core app starts, the GC:
● Reserves some memory for the initial heap segments.
● Commits a small portion of memory when the runtime is loaded.
The preceding memory allocations are done for performance reasons. The performance benefit comes from heap segments in contiguous memory.
Authentication
is the process of determining a user's identity. ​Authorization​ is the process of determining whether a user has access to a resource. In ASP.NET Core,
authentication is handled by the IAuthenticationService, which is used by authentication ​middleware​. The authentication service uses registered
authentication handlers to complete authentication-related actions. Examples of authentication-related actions include:
● Authenticating a user.
● Responding when an unauthenticated user tries to access a restricted resource.
Authorization
refers to the process that determines what a user is able to do. For example, an administrative user is allowed to create a document library, add
documents, edit documents, and delete them. A non-administrative user working with the library is only authorized to read the documents.
Authorization is orthogonal and independent from authentication. However, authorization requires an authentication mechanism. Authentication is the
process of ascertaining who a user is. Authentication may create one or more identities for the current user.

app.UseHttpsRedirection();

ASP.NET Core provides the following benefits:

● A unified story for building web UI and web APIs.
● Architected for testability.
● Razor Pages​ makes coding page-focused scenarios easier and more productive.
● Blazor​ lets you use C# in the browser alongside JavaScript. Share server-side and client-side app logic all written with .NET.
● Ability to develop and run on Windows, macOS, and Linux.
● Open-source and ​community-focused​.
● Integration of ​modern, client-side frameworks​ and development workflows.
● Support for hosting Remote Procedure Call (RPC) services using ​gRPC​.
● A cloud-ready, environment-based ​configuration system​.
● Built-in ​dependency injection​.
● A lightweight, ​high-performance​, and modular HTTP request pipeline.
● Ability to host on the following:
○ Kestrel
○ IIS
○ HTTP.sys
○ Nginx
○ Apache
○ Docker
● Side-by-side versioning​.
 ● Tooling that simplifies modern web development.
Use .NET Core for your server application when:
● You have cross-platform needs.
● You are targeting microservices.
● You are using Docker containers.
● You need high-performance and scalable systems.
● You need side-by-side .NET versions per application.
Use .NET Framework for your server application when:
● Your app currently uses .NET Framework (recommendation is to extend instead of migrating).
● Your app uses third-party .NET libraries or NuGet packages not available for .NET Core.
● Your app uses .NET technologies that aren't available for .NET Core.
● Your app uses a platform that doesn’t support .NET Core. Windows, macOS, and Linux support .NET Core.
What is Middleware in ASP.NET Core?
Middleware is software injected into the application pipeline to handle request and responses. Now we can manipulate http request and response which
was not possible with earlier Asp.net Framework, Middleware are just like chained to each other and form as a pipeline. We can change the order in
configuration
What is the startup class in ASP.NET core?
Startup class​ is the entry point of any ASP.NET Core application, This class contains the application configuration rated details, it has two main method
ConfigureServices() and Configure()
What are advantages of ASP.NET Core compare to ASP.NET?
Here are the key advantages of using Asp.Net Core
● It supports cross-platform application building, so it can be run on Windows, Linux and Mac.
● Now no framework installation required, because all the required dependencies are packaged with asp.net core application
● Asp.Net Core has in-built logging capabilities
● ASP.NET Core can handle request more efficiently than the ASP.NET
What is Configure method of startup class, what does it do?
It defines the HTTP pipeline, how the application will respond to request. We can change the sequence of middleware configuration, it accepts
IApplicationBuilder as a parameter and two optional parameters: IHostingEnvironment and ILoggerFactory.
Using this method, we can configure built-in middleware such as authentication, error handling and also any custom middleware or third-party
middleware.
Difference between IApplicationBuilder.Use() and IApplicationBuilder.Run()?
Both methods are used to add middleware delegate to the application request pipeline.
Use method may call the next middleware in the pipeline.
Run method never calls the subsequent ore next middleware, After IApplicationBuilder.Run method, system stops adding middleware in pipeline
How to enable Session in ASP.NET Core?
The middleware for the session is provided by Microsoft.AspNetCore.Session. To use the session in ASP.NET Core application we need to add the
middleware in pipeline
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
services.AddSession();
services.AddMvc();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseSession();
}
}
The ​Common Type System (CTS)​ standardizes the data types of all programming languages using .NET under the umbrella of .NET to a common data type
for easy and smooth communication among these .NET languages.
CTS is designed as a singly rooted object hierarchy with ​System.Object​ as the base type from which all other types are derived. CTS supports two different
kinds of types:
1. Value Types: Contain the values that need to be stored directly on the stack or allocated inline in a structure. They can be built-in (standard
primitive types), user-defined (defined in source code) or enumerations (sets of enumerated values that are represented by labels but stored as
a numeric type).
2. Reference Types: Store a reference to the value‘s memory address and are allocated on the heap. Reference types can be any of the pointer
types, interface types or self-describing types (arrays and class types such as user-defined classes, boxed value types and delegates).
Explain what is included in .NET Core?
● A .NET runtime, which provides a type system, assembly loading, a garbage collector, native interop and other basic services.
● A set of framework libraries, which provide primitive data types, app composition types and fundamental utilities.
● A set of SDK tools and language compilers that enable the base developer experience, available in the .NET Core SDK.
● The 'dotnet' app host, which is used to launch .NET Core apps. It selects the runtime and hosts the runtime, provides an assembly loading policy
and launches the app. The same host is also used to launch SDK tools in much the same way.
What's the difference between .NET Core, .NET Framework, and Xamarin?

● .NET Framework is the "full" or "traditional" flavor of .NET that's distributed with Windows. Use this when you are building a desktop Windows
or UWP app, or working with older ASP.NET 4.6+.
● .NET Core is cross-platform .NET that runs on Windows, Mac, and Linux. Use this when you want to build console or web apps that can run on
any platform, including inside Docker containers. This does not include UWP/desktop apps currently.
● Xamarin is used for building mobile apps that can run on iOS, Android, or Windows Phone devices.
Explain the difference between Task and Thread in .NET
 ● Thread represents an actual OS-level thread, with its own stack and kernel resources. Thread allows the highest degree of control; you can
Abort() or Suspend() or Resume() a thread, you can observe its state, and you can set thread-level properties like the stack size, apartment
state, or culture. ThreadPool is a wrapper around a pool of threads maintained by the CLR.
● The Task class from the Task Parallel Library offers the best of both worlds. Like the ThreadPool, a task does not create its own OS thread.
Instead, tasks are executed by a TaskScheduler; the default scheduler simply runs on the ThreadPool. Unlike the ThreadPool, Task also allows
you to find out when it finishes, and (via the generic Task) to return a result.
What is JIT compiler?
Before a computer can execute the source code, special programs called compilers must rewrite it into machine instructions, also known as object code.
This process (commonly referred to simply as “compilation”) can be done explicitly or implicitly.
Implicit compilation is a two-step process:
● The first step is converting the source code to intermediate language (IL) by a language-specific compiler.
● The second step is converting the IL to machine instructions. The main difference with the explicit compilers is that only executed fragments of
IL code are compiled into machine instructions, at runtime. The .NET framework calls this compiler the JIT (Just-In-Time) compiler.
CTS

● Establish a framework for cross-language execution.

● Provide an object-oriented model to support implementing various languages on a .NET
implementation.
● Define a set of rules that all languages must follow when it comes to working with types.
● Provide a library that contains the basic primitive types that are used in application
development (such as, B​ oolean​, B​ yte​, C​ har​ etc.)

CTS defines several categories of types, each with their specific semantics and usage:

● Classes
● Structures
● Enums
● Interfaces
● Delegates

CTS also defines all other properties of the types, such as access modifiers, what are valid type
members, how inheritance and overloading works and so on. Unfortunately, going deep into any of those
is beyond the scope of an introductory article such as this, but you can consult ​More resources​ section at
the end for links to more in-depth content that covers these topics.

Common Language Specification