In the long process of upgrading this blog and moving it to Azure I've been slowly fixing small bugs and also dealing with the dozens of microsites I have hanging off of hanselman.com. Some were forgotten, and some just keep chugging along. https://www.babysmash.com/ is one of them.
BabySmash is a silly WPF app I wrote 15 years ago for my baby, natch. He's now learning to drive a car, but it still gets thousands of downloads a month. The code is on Github.
The ClickOnce application and manifests hangs off of http://hanselman.com/babysmash, but the /setup.exe returns a 404.
I had assumed that using this simple code in my Startup.cs's Configure() method would enable static files like setup.exe:
app.UseDefaultFiles();
app.UseStaticFiles();
This was naive I suppose as ASP.NET Core is very much locked down by default so you are really encouraged to be specific and there are few unsafe defaults.
UseStaticFiles includes a parameter for options, so I needed to update the list of mappings from extension to mime/type. So this little helper function:
private StaticFileOptions GetStaticFileOptions()
{
var p = new FileExtensionContentTypeProvider();
p.Mappings[".exe"] = "application/octect-stream";
return new StaticFileOptions { ContentTypeProvider = p };
}
and then you pass that StaticFileOptions class into UseStaticFiles.
app.UseStaticFiles(GetStaticFileOptions());
Clearly a "secure by default" decision, but also one that's easily extended for my needs.
Sponsor: Suffering from a lack of clarity around software bugs? Give your customers the experience they deserve and expect with error monitoring from Raygun.com. Installs in minutes, try it today!
© 2020 Scott Hanselman. All rights reserved.
