برچسب: How

how I automated my blogging workflow with GitHub, PowerShell, and Azure | Code4IT
After 100 articles, I’ve found some neat ways to automate my blogging workflow. I will share my experience and the tools I use from the very beginning to the very end.

Table of Contents

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

This is my 100th article 🥳 To celebrate it, I want to share with you the full process I use for writing and publishing articles.

In this article I will share all the automation and tools I use for writing, starting from the moment an idea for an article pops up in my mind to what happens weeks after an article has been published.

I hope to give you some ideas to speed up your publishing process. Of course, I’m open to suggestions to improve my own flow: perhaps (well, certainly), you use better tools and processes, so feel free to share them.

Introducing my blog architecture

To better understand what’s going on, I need a very brief overview of the architecture of my blog.

It is written in Gatsby, a framework based on ReactJS that, in short, allows you to transform Markdown files into blog posts (it does many other things, but they are not important for the purpose of this article).

So, all my blog is stored in a private GitHub repository. Every time I push some changes on the master branch, a new deployment is triggered, and I can see my changes in a bunch of minutes on my blog.

As I said, I use Gatsby. But the key point here is that my blog is stored in a GitHub repo: this means that everything you’ll read here is valid for any Headless CMS based on Git, such as Gatsby, Hugo, NextJS, and Jekyll.

Now that you know some general aspects, it’s time to deep dive into my writing process.

Before writing: organizing ideas with GitHub

My central source, as you might have already understood, is GitHub.

There, I write all my notes and keep track of the status of my articles.

Everything is quite well organized, and with the support of some automation, I can speed up my publishing process.

Github Projects to track the status of the articles

GitHub Projects are the parts of GitHub that allow you to organize GitHub Issues to track their status.

I’ve created 2 GitHub Projects: one for the main articles (like this one), and one for my C# and Clean Code Tips.

In this way, I can use different columns and have more flexibility when handling the status of the tasks.

GitHub issues templates

As I said, to write my notes I use GitHub issues.

When I add a new Issue, the first thing is to define which type of article I want to write. And, since sometimes many weeks or months pass between when I came up with the idea for an article and when I start writing it, I need to organize my ideas in a structured way.

To do that, I use GitHub templates. When I create a new Issue, I choose which kind of article I’m going to write.

Based on the layout, I can add different info. For instance, when I want to write a new “main” article, I see this form

which is prepopulated with some fields:
- Title: with a placeholder ([Article] )
- Content: with some sections (the titles, translated from Italian, mean Topics, Links, General notes)
- Labels: I automatically assign the Article label to the issue (you’ll see later why I do that)
How can you create GitHub issue templates? All you need is a Markdown file under the .github/ISSUE_TEMPLATE folder with content similar to this one.
--- name: New article about: New blog article title: "[Article] - " labels: Article assignees: bellons91 --- ## Argomenti ## Link ## Appunti vari
And you’re good to go!

GitHub action to assign issues to a project

Now I have GitHub Projects and different GitHub Issues Templates. How can I join the different parts? Well, with GitHub Actions!

With GitHub Actions, you can automate almost everything that happens in GitHub (and outside) using YAML files.

So, here’s mine:

For better readability, you can find the Gist here.

This action looks for opened and labeled issues and pull requests, and based on the value of the label it assigns the element to the correct project.

In this way, after I choose a template, filled the fields, and added additional labels (like C#, Docker, and so on), I can see my newly created issue directly in the Articles board. Neat 😎

Writing

Now it’s the time of writing!

As I said, I’m using Gatsby, so all my articles are stored in a GitHub repository and written in Markdown.

For every article I write, I use a separate git branch: in this way, I’m free to update the content already online (in case of a typo) without publishing my drafts.

But, of course, I automated it! 😎

Powershell script to scaffold a new article

Every article lives in its /content/posts/{year}/{folder-name}/article.md file. And they all have a cover image in a file named cover.png.

Also, every MD file begins with a Frontmatter section, like this:
--- title: "How I automated my publishing flow with Gatsby, GitHub, PowerShell and Azure" path: "/blog/automate-articles-creations-github-powershell-azure" tags: ["MainArticle"] featuredImage: "./cover.png" excerpt: "a description for 072-how-i-create-articles" created: 4219-11-20 updated: 4219-11-20 ---
But, you know, I was tired of creating everything from scratch. So I wrote a Powershell Script to do everything for me.

You can find the code in this Gist.

This script performs several actions:
1. Switches to the Master branch and downloads the latest updates
2. Asks for the article slug that will be used to create the folder name
3. Creates a new branch using the article slug as a name
4. Creates a new folder that will contain all the files I will be using for my article (markdown content and images)
5. Creates the article file with the Frontmatter part populated with dummy values
6. Copies a placeholder image into this folder; this image will be the temporary cover image
In this way, with a single command, I can scaffold a new article with all the files I need to get started.

Ok, but how can I run a PowerShell in a Gatsby repository?

I added this script in the package.json file
```
"create-article": "@powershell -NoProfile -ExecutionPolicy Unrestricted -Command ./article-creator.ps1",
```
where article-creator.ps1 is the name of the file that contains the script.

Now I can simply run npm run create-article to have a new empty article in a new branch, already updated with everything published in the Master branch.

Markdown preview on VS Code

I use Visual Studio Code to write my articles: I like it because it’s quite fast and with lots of functionalities to write in Markdown (you can pick your favorites in the Extensions store).

One of my favorites is the Preview on Side. To see the result of your MarkDown on a side panel, press CTRL+SHIFT+P and select Open Preview to the Side.

Here’s what I can see right now while I’m writing:

Grammar check with Grammarly

Then, it’s time for a check on the Grammar. I use Grammarly, which helps me fix lots of errors (well, in the last time, only a few: it means I’ve improved a lot! 😎).

I copy the Markdown in their online editor, fix the issues, and copy it back into my repo.

Fun fact: the online editor recognizes that you’re using Markdown and automatically checks only the actual text, ignoring all the symbols you use in Markdown (like brackets).

Unprofessional, but fun, cover images

One of the tasks I like the most is creating my cover images.

I don’t use stock images, I prefer using less professional but more original cover images.

You can see all of them here.

Creating and scheduling PR on GitHub with Templates and Actions

Now that my article is complete, I can set it as ready for being scheduled.

To do that, I open a Pull Request to the Master Branch, and, again, add some kind of automation!

I have created a PR template in an MD file, which I use to create a draft of the PR content.

In this way, I can define which task (so, which article) is related to this PR, using the “Closes” formula (“Closes #111174” means that I’m closing the Issue with ID 111174).

Also, I can define when this PR will be merged on Master, using the /schedule tag.

It works because I have integrated into my workflow a GitHub Action, merge-schedule, that reads the date from that field to understand when the PR must be merged.

So, every Tuesday at 8 AM, this action runs to check if there are any PRs that can be merged. If so, the PR will be merged into master, and the CI/CD pipeline builds the site and publishes the new content.

As usual, you can find the code of this action here

After the PR is merged, I also receive an email that notifies me of the action.

After publishing

Once a new article is online, I like to give it some visibility.

To do that, I heavily rely on Azure Logic Apps.

Azure Logic App for sharing on Twitter

My blog exposes an RSS feed. And, obviously, when a new article is created, a new item appears in the feed.

I use it to trigger an Azure Logic App to publish a message on Twitter:

The Logic App reads the newly published feed item and uses its metadata to create a message that will be shared on Twitter.

If you prefer, you can use a custom Azure Function! The choice is yours!

Cross-post reminder with Azure Logic Apps

Similarly, I use an Azure Logic App to send to myself an email to remind me to cross-post my articles to other platforms.

I’ve added a delay so that my content lives longer, and I can repost it even after weeks or months.

Unluckily, when I cross-post my articles I have to do it manually, This is quite a time-consuming especially when there are lots of images: in my MD files I use relative paths, so when porting my content to different platforms I have to find the absolute URL for my images.

And, my friends, this is everything that happens in the background of my blog!

What I’m still missing

I’ve added a lot of effort to my blog, and I’m incredibly proud of it!

But still, there are a few things I’d like to improve.

SEO Tools/analysis

I’ve never considered SEO. Or, better, Keywords.

I write for the sake of writing, and because I love it. And I don’t like to stuff my content with keywords just to rank better on search engines.

I take care of everything like alt texts, well-structured sections, and everything else. But I’m not able to follow the “rules” to find the best keywords.

Maybe I should use some SEO tools to find the best keywords for me. But I don’t want to bend to that way of creating content.

Also, I should spend more time thinking of the correct title and section titles.

Any idea?

Easy upgrade of Gatsby/Migrate to other headless CMSs

Lastly, I’d like to find another theme or platform and leave the one I’m currently using.

Not because I don’t like it. But because many dependencies are outdated, and the theme I’m using hasn’t been updated since 2019.

Wrapping up

That’s it: in this article, I’ve explained everything that I do when writing a blog post.

Feel free to take inspiration from my automation to improve your own workflow, and contact me if you have some nice improvements or ideas: I’m all ears!

So, for now, happy coding!

🐧
Source link
آگوست 21, 2025
How to improve Serilog logging in .NET 6 by using Scopes | Code4IT
Logs are important. Properly structured logs can be the key to resolving some critical issues. With Serilog’s Scopes, you can enrich your logs with info about the context where they happened.

Table of Contents

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

Even though it’s not one of the first things we usually set up when creating a new application, logging is a real game-changer in the long run.

When an error occurred, if we have proper logging we can get more info about the context where it happened so that we can easily identify the root cause.

In this article, we will use Scopes, one of the functionalities of Serilog, to create better logs for our .NET 6 application. In particular, we’re going to create a .NET 6 API application in the form of Minimal APIs.

We will also use Seq, just to show you the final result.

Adding Serilog in our Minimal APIs

We’ve already explained what Serilog and Seq are in a previous article.

To summarize, Serilog is an open source .NET library for logging. One of the best features of Serilog is that messages are in the form of a template (called Structured Logs), and you can enrich the logs with some value automatically calculated, such as the method name or exception details.

To add Serilog to your application, you simply have to run dotnet add package Serilog.AspNetCore.

Since we’re using Minimal APIs, we don’t have the StartUp file anymore; instead, we will need to add it to the Program.cs file:
builder.Host.UseSerilog((ctx, lc) => lc .WriteTo.Console() );
Then, to create those logs, you will need to add a specific dependency in your classes:
public class ItemsRepository : IItemsRepository { private readonly ILogger<ItemsRepository> _logger; public ItemsRepository(ILogger<ItemsRepository> logger) { _logger = logger; } }
As you can see, we’re injecting an ILogger<ItemsRepository>: specifying the related class automatically adds some more context to the logs that we will generate.

Installing Seq and adding it as a Sink

Seq is a logging platform that is a perfect fit for Serilog logs. If you don’t have it already installed, head to their download page and install it locally (you can even install it as a Docker container 🤩).

In the installation wizard, you can select the HTTP port that will expose its UI. Once everything is in place, you can open that page on your localhost and see a page like this:

On this page, we will see all the logs we write.

But wait! ⚠ We still have to add Seq as a sink for Serilog.

A sink is nothing but a destination for the logs. When using .NET APIs we can define our sinks both on the appsettings.json file and on the Program.cs file. We will use the second approach.

First of all, you will need to install a NuGet package to add Seq as a sink: dotnet add package Serilog.Sinks.Seq.

Then, you have to update the Serilog definition we’ve seen before by adding a .WriteTo.Seq instruction:
builder.Host.UseSerilog((ctx, lc) => lc .WriteTo.Console() .WriteTo.Seq("http://localhost:5341") );
Notice that we’ve specified also the port that exposes our Seq instance.

Now, every time we log something, we will see our logs both on the Console and on Seq.

How to add scopes

The time has come: we can finally learn how to add Scopes using Serilog!

Setting up the example

For this example, I’ve created a simple controller, ItemsController, which exposes two endpoints: Get and Add. With these two endpoints, we are able to add and retrieve items stored in an in-memory collection.

This class has 2 main dependencies: IItemsRepository and IUsersItemsRepository. Each of these interfaces has its own concrete class, each with a private logger injected in the constructor:
public ItemsRepository(ILogger<ItemsRepository> logger) { _logger = logger; }
and, similarly
public UsersItemRepository(ILogger<UsersItemRepository> logger) { _logger = logger; }
How do those classes use their own _logger instances?

For example, the UsersItemRepository class exposes an AddItem method that adds a specific item to the list of items already possessed by a specific user.
public void AddItem(string username, Item item) { if (!_usersItems.ContainsKey(username)) { _usersItems.Add(username, new List<Item>()); _logger.LogInformation("User was missing from the list. Just added"); } _usersItems[username].Add(item); _logger.LogInformation("Added item for to the user's catalogue"); }
We are logging some messages, such as “User was missing from the list. Just added”.

Something similar happens in the ItemsRepository class, where we have a GetItem method that returns the required item if it exists, and null otherwise.
public Item GetItem(int itemId) { _logger.LogInformation("Retrieving item {ItemId}", itemId); return _allItems.FirstOrDefault(i => i.Id == itemId); }
Finally, who’s gonna call these methods?
[HttpPost(Name = "AddItems")] public IActionResult Add(string userName, int itemId) { var item = _itemsRepository.GetItem(itemId); if (item == null) { _logger.LogWarning("Item does not exist"); return NotFound(); } _usersItemsRepository.AddItem(userName, item); return Ok(item); }
Ok then, we’re ready to run the application and see the result.

When I call that endpoint by passing “davide” as userName and “1” as itemId, we can see these logs:

We can see the 3 log messages but they are unrelated one each other. In fact, if we expand the logs to see the actual values we’ve logged, we can see that only the “Retrieving item 1” log has some information about the item ID we want to associate with the user.

Using BeginScope with Serilog

Finally, it’s time to define the Scope.

It’s as easy as adding a simple using statement; see how I added the scope to the Add method in the Controller:
[HttpPost(Name = "AddItems")] public IActionResult Add(string userName, int itemId) { using (_logger.BeginScope("Adding item {ItemId} for user {UserName}", itemId, userName)) { var item = _itemsRepository.GetItem(itemId); if (item == null) { _logger.LogWarning("Item does not exist"); return NotFound(); } _usersItemsRepository.AddItem(userName, item); return Ok(item); } }
Here’s the key!
using (_logger.BeginScope("Adding item {ItemId} for user {UserName}", itemId, userName))
With this single instruction, we are actually performing 2 operations:
1. we are adding a Scope to each message – “Adding item 1 for user davide”
2. we are adding ItemId and UserName to each log entry that falls in this block, in every method in the method chain.
Let’s run the application again, and we will see this result:

So, now you can use these new properties to get some info about the context of when this log happened, and you can use the ItemId and UserName fields to search for other related logs.

You can also nest scopes, of course.

Why scopes instead of Correlation ID?

You might be thinking

Why can’t I just use correlation IDs?

Well, the answer is pretty simple: correlation IDs are meant to correlate different logs in a specific request, and, often, across services. You generally use Correlation IDs that represent a specific call to your API and act as a Request ID.

For sure, that can be useful. But, sometimes, not enough.

Using scopes you can also “correlate” distinct HTTP requests that have something in common.

If I call 2 times the AddItem endpoint, I can filter both for UserName and for ItemId and see all the related logs across distinct HTTP calls.

Let’s see a real example: I have called the endpoint with different values
- id=1, username=“davide”
- id=1, username=“luigi”
- id=2, username=“luigi”
Since the scope reference both properties, we can filter for UserName and discover that Luigi has added both Item1 and Item 2.

At the same time, we can filter by ItemId and discover that the item with id = 2 has been added only once.

Ok, then, in the end, Scopes or Correlation IDs? The answer is simple:

This article first appeared on Code4IT

Read more

As always, the best place to find the info about a library is its documentation.

🔗 Serilog website

If you prefer some more practical articles, I’ve already written one to help you get started with Serilog and Seq (and with Structured Logs):

🔗 Logging with Serilog and Seq | Code4IT

as well as one about adding Serilog to Console applications (which is slightly different from adding Serilog to .NET APIs)

🔗 How to add logs on Console with .NET Core and Serilog | Code4IT

Then, you might want to deep dive into Serilog’s BeginScope. Here’s a neat article by Nicholas Blumhardt. Also, have a look at the comments, you’ll find interesting points to consider

🔗 The semantics of ILogger.BeginScope | Nicholas Blumhardt

Finally, two must-read articles about logging best practices.

The first one is by Thiago Nascimento Figueiredo:

🔗 Logs – Why, good practices, and recommendations | Dev.to

and the second one is by Llron Tal:

🔗 9 Logging Best Practices Based on Hands-on Experience | Loom Systems

Wrapping up

In this article, we’ve added Scopes to our logs to enrich them with some common fields that can be useful to investigate in case of errors.

Remember to read the last 3 links I’ve shared above, they’re pure gold – you’ll thank me later 😎

Happy coding!

🐧
Source link
آگوست 16, 2025
How to solve InvalidOperationException for constructors using HttpClientFactory in C#
A suitable constructor for type ‘X’ could not be located. What a strange error message! Luckily it’s easy to solve.

Table of Contents

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

A few days ago I was preparing the demo for a new article. The demo included a class with an IHttpClientFactory service injected into the constructor. Nothing more.

Then, running the application (well, actually, executing the code), this error popped out:

System.InvalidOperationException: A suitable constructor for type ‘X’ could not be located. Ensure the type is concrete and all parameters of a public constructor are either registered as services or passed as arguments. Also ensure no extraneous arguments are provided.

How to solve it? It’s easy. But first, let me show you what I did in the wrong version.

Setting up the wrong example

For this example, I created an elementary project.
It’s a .NET 7 API project, with only one controller, GenderController, which calls another service defined in the IGenderizeService interface.
public interface IGenderizeService { Task<GenderProbability> GetGenderProbabiliy(string name); }
IGenderizeService is implemented by a class, GenderizeService, which is the one that fails to load and, therefore, causes the exception to be thrown. The class calls an external endpoint, parses the result, and then returns it to the caller:
public class GenderizeService : IGenderizeService { private readonly IHttpClientFactory _httpClientFactory; public GenderizeService(IHttpClientFactory httpClientFactory) { _httpClientFactory = httpClientFactory; } public async Task<GenderProbability> GetGenderProbabiliy(string name) { var httpClient = _httpClientFactory.CreateClient(); var response = await httpClient.GetAsync($"?name={name}"); var result = await response.Content.ReadFromJsonAsync<GenderProbability>(); return result; } }
Finally, I’ve defined the services in the Program class, and then I’ve specified which is the base URL for the HttpClient instance generated in the GenderizeService class:
// some code builder.Services.AddScoped<IGenderizeService, GenderizeService>(); builder.Services.AddHttpClient<IGenderizeService, GenderizeService>( client => client.BaseAddress = new Uri("https://api.genderize.io/") ); var app = builder.Build(); // some more code
That’s it! Can you spot the error?

2 ways to solve the error

The error was quite simple, but it took me a while to spot:

In the constructor I was injecting an IHttpClientFactory:
public GenderizeService(IHttpClientFactory httpClientFactory)
while in the host definition I was declaring an HttpClient for a specific class:
builder.Services.AddHttpClient<IGenderizeService, GenderizeService>
Apparently, even if we’ve specified how to create an instance for a specific class, we could not build it using an IHttpClientFactory.

So, here are 2 ways to solve it.

Use named HttpClient in HttpClientFactory

Named HttpClients are a helpful way to define a specific HttpClient and use it across different services.

It’s as simple as assigning a name to an HttpClient instance and then using the same name when you need that specific client.

So, define it in the Startup method:
builder.Services.AddHttpClient("genderize", client => client.BaseAddress = new Uri("https://api.genderize.io/") );
and retrieve it using CreateClient:
public GenderizeService(IHttpClientFactory httpClientFactory) { _httpClientFactory = httpClientFactory; } public async Task<GenderProbability> GetGenderProbabiliy(string name) { var httpClient = _httpClientFactory.CreateClient("genderize"); var response = await httpClient.GetAsync($"?name={name}"); var result = await response.Content.ReadFromJsonAsync<GenderProbability>(); return result; }
💡 Quick tip: define the HttpClient names in a constant field shared across the whole system!

Inject HttpClient instead of IHttpClientFactory

The other way is by injecting an HttpClient instance instead of an IHttpClientFactory.

So we can restore the previous version of the Startup part:
builder.Services.AddHttpClient<IGenderizeService, GenderizeService>( client => client.BaseAddress = new Uri("https://api.genderize.io/") );
and, instead of injecting an IHttpClientFactory, we can directly inject an HttpClient instance:
public class GenderizeService : IGenderizeService { private readonly HttpClient _httpClient; public GenderizeService(HttpClient httpClient) { _httpClient = httpClient; } public async Task<GenderProbability> GetGenderProbabiliy(string name) { //var httpClient = _httpClientFactory.CreateClient("genderize"); var response = await _httpClient.GetAsync($"?name={name}"); var result = await response.Content.ReadFromJsonAsync<GenderProbability>(); return result; } }
We no longer need to call _httpClientFactory.CreateClient because the injected instance of HttpClient is already customized with the settings we’ve defined at Startup.

Further readings

I’ve briefly talked about HttpClientFactory in one article of my C# tips series:

🔗 C# Tip: use IHttpClientFactory to generate HttpClient instance | Code4IT

And, more in detail, I’ve also talked about one way to mock HttpClientFactory instances in unit tests using Moq:

🔗 How to test HttpClientFactory with Moq | Code4IT

Finally, why do we need to use HttpClientFactories instead of HttpClients?

🔗 Use IHttpClientFactory to implement resilient HTTP requests | Microsoft Docs

This article first appeared on Code4IT

Wrapping up

Yes, it was that easy!

We received the error message

A suitable constructor for type ‘X’ could not be located.

because we were mixing two ways to customize and use HttpClient instances.

But we’ve only opened Pandora’s box: we will come back to this topic soon!

For now, Happy coding!

🐧
Source link
آگوست 15, 2025
How to Choose the Top XDR Vendor for Your Cybersecurity Future
Cyberattacks aren’t slowing down—they’re getting bolder and smarter. From phishing scams to ransomware outbreaks, the number of incidents has doubled or even tripled year over year. In today’s hybrid, multi-vendor IT landscape, protecting your organization’s digital assets requires choosing the top XDR vendor that can see and stop threats across every possible entry point.

Over the last five years, XDR (Extended Detection and Response) has emerged as one of the most promising cybersecurity innovations. Leading IT analysts agree: XDR solutions will play a central role in the future of cyber defense. But not all XDR platforms are created equal. Success depends on how well an XDR vendor integrates Endpoint Protection Platforms (EPP) and Endpoint Detection and Response (EDR) to detect, analyze, and neutralize threats in real time.

This guide will explain what makes a great XDR vendor and how Seqrite XDR compares to industry benchmarks. It also includes a practical checklist for confidently evaluating your next security investment.

Why Choosing the Right XDR Vendor Matters

Your XDR platform isn’t just another security tool; it’s the nerve center of your threat detection and response strategy. The best solutions act as a central brain, collecting security telemetry from:
- Endpoints
- Networks
- Firewalls
- Email
- Identity systems
- DNS
They don’t just collect this data, they correlate it intelligently, filter out the noise, and give your security team actionable insights to respond faster.

According to industry reports, over 80% of IT and cybersecurity professionals are increasing budgets for threat detection and response. If you choose the wrong vendor, you risk fragmented visibility, alert fatigue, and missed attacks.

Key Capabilities Every Top XDR Vendor Should Offer

When shortlisting top XDR vendors, here’s what to look for:
1. Advanced Threat Detection – Identify sophisticated, multi-layer attack patterns that bypass traditional tools.
2. Risk-Based Prioritization – Assign scores (1–1000) so you know which threats truly matter.
3. Unified Visibility – A centralized console to eliminate security silos.
4. Integration Flexibility – Native and third-party integrations to protect existing investments.
5. Automation & Orchestration – Automate repetitive workflows to respond in seconds, not hours.
6. MITRE ATT&CK Mapping – Know exactly which attacker tactics and techniques you can detect.
Remember, it’s the integration of EPP and EDR that makes or breaks an XDR solution’s effectiveness.

Your Unified Detection & Response Checklist

Use this checklist to compare vendors on a like-for-like basis:
- Full telemetry coverage: Endpoints, networks, firewalls, email, identity, and DNS.
- Native integration strength: Smooth backend-to-frontend integration for consistent coverage.
- Real-time threat correlation: Remove false positives, detect real attacks faster.
- Proactive security posture: Shift from reactive to predictive threat hunting.
- MITRE ATT&CK alignment: Validate protection capabilities against industry-recognized standards.
Why Automation Is the Game-Changer

The top XDR vendors go beyond detection, they optimize your entire security operation. Automated playbooks can instantly execute containment actions when a threat is detected. Intelligent alert grouping cuts down on noise, preventing analyst burnout.

Automation isn’t just about speed; it’s about cost savings. A report by IBM Security shows that organizations with full automation save over ₹31 crore annually and detect/respond to breaches much faster than those relying on manual processes.

The Seqrite XDR Advantage

Seqrite XDR combines advanced detection, rich telemetry, and AI-driven automation into a single, unified platform. It offers:
- Seamless integration with Seqrite Endpoint Protection (EPP) and Seqrite Endpoint Detection & Response (EDR) and third party telemetry sources.
- MITRE ATT&CK-aligned visibility to stay ahead of attackers.
- Automated playbooks to slash response times and reduce manual workload.
- Unified console for complete visibility across your IT ecosystem.
- GenAI-powered SIA (Seqrite Intelligent Assistant) – Your AI-Powered Virtual Security Analyst. SIA offers predefined prompts and conversational access to incident and alert data, streamlining investigations and making it faster for analysts to understand, prioritize, and respond to threats.
In a market crowded with XDR solutions, Seqrite delivers a future-ready, AI-augmented platform designed for today’s threats and tomorrow’s unknowns.

If you’re evaluating your next security investment, start with a vendor who understands the evolving threat landscape and backs it up with a platform built for speed, intelligence, and resilience.
Source link
آگوست 13, 2025

How to propagate HTTP Headers (and Correlation IDs) using HttpClients in C#

Propagating HTTP Headers can be useful, especially when dealing with Correlation IDs. It’s time to customize our HttpClients!

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

Imagine this: you have a system made up of different applications that communicate via HTTP. There’s some sort of entry point, exposed to the clients, that orchestrates the calls to the other applications. How do you correlate those requests?

A good idea is to use a Correlation ID: one common approach for HTTP-based systems is passing a value to the “public” endpoint using HTTP headers; that value will be passed to all the other systems involved in that operation to say that “hey, these incoming requests in the internal systems happened because of THAT SPECIFIC request in the public endpoint”. Of course, it’s more complex than this, but you got the idea.

Now. How can we propagate an HTTP Header in .NET? I found this solution on GitHub, provided by no less than David Fowler. In this article, I’m gonna dissect his code to see how he built this solution.

Important update: there’s a NuGet package that implements these functionalities: Microsoft.AspNetCore.HeaderPropagation. Consider this article as an excuse to understand what happens behind the scenes of an HTTP call, and use it to learn how to customize and extend those functionalities. Here’s how to integrate that package.

Just interested in the C# methods?

As I said, I’m not reinventing anything new: the source code I’m using for this article is available on GitHub (see link above), but still, I’ll paste the code here, for simplicity.

First of all, we have two extension methods that add some custom functionalities to the IServiceCollection.

public static class HeaderPropagationExtensions
{
    public static IServiceCollection AddHeaderPropagation(this IServiceCollection services, Action<HeaderPropagationOptions> configure)
    {
        services.AddHttpContextAccessor();
        services.ConfigureAll(configure);
        services.TryAddEnumerable(ServiceDescriptor.Singleton<IHttpMessageHandlerBuilderFilter, HeaderPropagationMessageHandlerBuilderFilter>());
        return services;
    }

    public static IHttpClientBuilder AddHeaderPropagation(this IHttpClientBuilder builder, Action<HeaderPropagationOptions> configure)
    {
        builder.Services.AddHttpContextAccessor();
        builder.Services.Configure(builder.Name, configure);
        builder.AddHttpMessageHandler((sp) =>
        {
            var options = sp.GetRequiredService<IOptionsMonitor<HeaderPropagationOptions>>();
            var contextAccessor = sp.GetRequiredService<IHttpContextAccessor>();

            return new HeaderPropagationMessageHandler(options.Get(builder.Name), contextAccessor);
        });

        return builder;
    }
}

Then we have a Filter that will be used to customize how the HttpClients must be built.

internal class HeaderPropagationMessageHandlerBuilderFilter : IHttpMessageHandlerBuilderFilter
{
    private readonly HeaderPropagationOptions _options;
    private readonly IHttpContextAccessor _contextAccessor;

    public HeaderPropagationMessageHandlerBuilderFilter(IOptions<HeaderPropagationOptions> options, IHttpContextAccessor contextAccessor)
    {
        _options = options.Value;
        _contextAccessor = contextAccessor;
    }

    public Action<HttpMessageHandlerBuilder> Configure(Action<HttpMessageHandlerBuilder> next)
    {
        return builder =>
        {
            builder.AdditionalHandlers.Add(new HeaderPropagationMessageHandler(_options, _contextAccessor));
            next(builder);
        };
    }
}

next, a simple class that holds the headers we want to propagate

public class HeaderPropagationOptions
{
    public IList<string> HeaderNames { get; set; } = new List<string>();
}

and, lastly, the handler that actually propagates the headers.

public class HeaderPropagationMessageHandler : DelegatingHandler
{
    private readonly HeaderPropagationOptions _options;
    private readonly IHttpContextAccessor _contextAccessor;

    public HeaderPropagationMessageHandler(HeaderPropagationOptions options, IHttpContextAccessor contextAccessor)
    {
        _options = options;
        _contextAccessor = contextAccessor;
    }

    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
    {
        if (_contextAccessor.HttpContext != null)
        {
            foreach (var headerName in _options.HeaderNames)
            {
                // Get the incoming header value
                var headerValue = _contextAccessor.HttpContext.Request.Headers[headerName];
                if (StringValues.IsNullOrEmpty(headerValue))
                {
                    continue;
                }

                request.Headers.TryAddWithoutValidation(headerName, (string[])headerValue);
            }
        }

        return base.SendAsync(request, cancellationToken);
    }
}

Ok, and how can we use all of this?

It’s quite easy: if you want to propagate the my-correlation-id header for all the HttpClients created in your application, you just have to add this line to your Startup method.

builder.Services.AddHeaderPropagation(options => options.HeaderNames.Add("my-correlation-id"));

Time to study this code!

How to “enrich” HTTP requests using DelegatingHandler

Let’s start with the HeaderPropagationMessageHandler class:

public class HeaderPropagationMessageHandler : DelegatingHandler
{
    private readonly HeaderPropagationOptions _options;
    private readonly IHttpContextAccessor _contextAccessor;

    public HeaderPropagationMessageHandler(HeaderPropagationOptions options, IHttpContextAccessor contextAccessor)
    {
        _options = options;
        _contextAccessor = contextAccessor;
    }

    protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
    {
        if (_contextAccessor.HttpContext != null)
        {
            foreach (var headerName in _options.HeaderNames)
            {
                // Get the incoming header value
                var headerValue = _contextAccessor.HttpContext.Request.Headers[headerName];
                if (StringValues.IsNullOrEmpty(headerValue))
                {
                    continue;
                }

                request.Headers.TryAddWithoutValidation(headerName, (string[])headerValue);
            }
        }

        return base.SendAsync(request, cancellationToken);
    }
}

This class lies in the middle of the HTTP Request pipeline. It can extend the functionalities of HTTP Clients because it inherits from System.Net.Http.DelegatingHandler.

If you recall from a previous article, the SendAsync method is the real core of any HTTP call performed using .NET’s HttpClients, and here we’re enriching that method by propagating some HTTP headers.

 protected override Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
    if (_contextAccessor.HttpContext != null)
    {
        foreach (var headerName in _options.HeaderNames)
        {
            // Get the incoming header value
            var headerValue = _contextAccessor.HttpContext.Request.Headers[headerName];
            if (StringValues.IsNullOrEmpty(headerValue))
            {
                continue;
            }

            request.Headers.TryAddWithoutValidation(headerName, (string[])headerValue);
        }
    }

    return base.SendAsync(request, cancellationToken);
}

By using _contextAccessor we can access the current HTTP Context. From there, we retrieve the current HTTP headers, check if one of them must be propagated (by looking up _options.HeaderNames), and finally, we add the header to the outgoing HTTP call by using TryAddWithoutValidation.

HTTP Headers are “cloned” and propagated

Notice that we’ve used `TryAddWithoutValidation` instead of `Add`: in this way, we can use whichever HTTP header key we want without worrying about invalid names (such as the ones with a new line in it). Invalid header names will simply be ignored, as opposed to the Add method that will throw an exception.
Finally, we continue with the HTTP call by executing `base.SendAsync`, passing the `HttpRequestMessage` object now enriched with additional headers.

Using HttpMessageHandlerBuilder to configure how HttpClients must be built

The Microsoft.Extensions.Http.IHttpMessageHandlerBuilderFilter interface allows you to apply some custom configurations to the HttpMessageHandlerBuilder right before the HttpMessageHandler object is built.

internal class HeaderPropagationMessageHandlerBuilderFilter : IHttpMessageHandlerBuilderFilter
{
    private readonly HeaderPropagationOptions _options;
    private readonly IHttpContextAccessor _contextAccessor;

    public HeaderPropagationMessageHandlerBuilderFilter(IOptions<HeaderPropagationOptions> options, IHttpContextAccessor contextAccessor)
    {
        _options = options.Value;
        _contextAccessor = contextAccessor;
    }

    public Action<HttpMessageHandlerBuilder> Configure(Action<HttpMessageHandlerBuilder> next)
    {
        return builder =>
        {
            builder.AdditionalHandlers.Add(new HeaderPropagationMessageHandler(_options, _contextAccessor));
            next(builder);
        };
    }
}

The Configure method allows you to customize how the HttpMessageHandler will be built: we are adding a new instance of the HeaderPropagationMessageHandler class we’ve seen before to the current HttpMessageHandlerBuilder’s AdditionalHandlers collection. All the handlers registered in the list will then be used to build the HttpMessageHandler object we’ll use to send and receive requests.

via GIPHY

By having a look at the definition of HttpMessageHandlerBuilder you can grasp a bit of what happens when we’re creating HttpClients in .NET.

namespace Microsoft.Extensions.Http
{
    public abstract class HttpMessageHandlerBuilder
    {
        protected HttpMessageHandlerBuilder();

        public abstract IList<DelegatingHandler> AdditionalHandlers { get; }

        public abstract string Name { get; set; }

        public abstract HttpMessageHandler PrimaryHandler { get; set; }

        public virtual IServiceProvider Services { get; }

        protected internal static HttpMessageHandler CreateHandlerPipeline(HttpMessageHandler primaryHandler, IEnumerable<DelegatingHandler> additionalHandlers);

        public abstract HttpMessageHandler Build();
    }

}

Ah, and remember the wise words you can read in the docs of that class:

The Microsoft.Extensions.Http.HttpMessageHandlerBuilder is registered in the service collection as a transient service.

Nice 😎

Now that we’ve defined the custom behavior of HTTP clients, we need to integrate it into our .NET application.

public static IServiceCollection AddHeaderPropagation(this IServiceCollection services, Action<HeaderPropagationOptions> configure)
{
    services.AddHttpContextAccessor();
    services.ConfigureAll(configure);
    services.TryAddEnumerable(ServiceDescriptor.Singleton<IHttpMessageHandlerBuilderFilter, HeaderPropagationMessageHandlerBuilderFilter>());
    return services;
}

Here, we’re gonna extend the IServiceCollection with those functionalities. At first, we’re adding AddHttpContextAccessor, which allows us to access the current HTTP Context (the one we’ve used in the HeaderPropagationMessageHandler class).

Then, services.ConfigureAll(configure) registers an HeaderPropagationOptions that will be used by HeaderPropagationMessageHandlerBuilderFilter. Without that line, we won’t be able to specify the names of the headers to be propagated.

Finally, we have this line:

services.TryAddEnumerable(ServiceDescriptor.Singleton<IHttpMessageHandlerBuilderFilter, HeaderPropagationMessageHandlerBuilderFilter>());

Honestly, I haven’t understood it thoroughly: I thought that it allows us to use more than one class implementing IHttpMessageHandlerBuilderFilter, but apparently if we create a sibling class and add them both using Add, everything works the same. If you know what this line means, drop a comment below! 👇

Wherever you access the ServiceCollection object (may it be in the Startup or in the Program class), you can propagate HTTP headers for every HttpClient by using

builder.Services.AddHeaderPropagation(options =>
    options.HeaderNames.Add("my-correlation-id")
);

Yes, AddHeaderPropagation is the method we’ve seen in the previous paragraph!

Seeing it in action

Now we have all the pieces in place.

It’s time to run it 😎

To fully understand it, I strongly suggest forking this repository I’ve created and running it locally, placing some breakpoints here and there.

As a recap: in the Program class, I’ve added these lines to create a named HttpClient specifying its BaseAddress property. Then I’ve added the HeaderPropagation as we’ve seen before.

builder.Services.AddHttpClient("items")
                    .ConfigureHttpClient(c => c.BaseAddress = new Uri("https://en5xof8r16a6h.x.pipedream.net/"));

builder.Services.AddHeaderPropagation(options =>
    options.HeaderNames.Add("my-correlation-id")
);

There’s also a simple Controller that acts as an entry point and that, using an HttpClient, sends data to another endpoint (the one defined in the previous snippet).

[HttpPost]
public async Task<IActionResult> PostAsync([FromQuery] string value)
{
    var item = new Item(value);

    var httpClient = _httpClientFactory.CreateClient("items");
    await httpClient.PostAsJsonAsync("/", item);
    return NoContent();
}

What happens at start-up time

When a .NET application starts up, the Main method in the Program class acts as an entry point and registers all the dependencies and configurations required.

We will then call builder.Services.AddHeaderPropagation, which is the method present in the HeaderPropagationExtensions class.

All the configurations are then set, but no actual operations are being executed.

The application then starts normally, waiting for incoming requests.

What happens at runtime

Now, when we call the PostAsync method by passing an HTTP header such as my-correlation-id:123, things get interesting.

The first operation is

var httpClient = _httpClientFactory.CreateClient("items");

While creating the HttpClient, the engine is calling all the registered IHttpMessageHandlerBuilderFilter and calling their Configure method. So, you’ll see the execution moving to HeaderPropagationMessageHandlerBuilderFilter’s Configure.

public Action<HttpMessageHandlerBuilder> Configure(Action<HttpMessageHandlerBuilder> next)
{
    return builder =>
    {
        builder.AdditionalHandlers.Add(new HeaderPropagationMessageHandler(_options, _contextAccessor));
        next(builder);
    };
}

Of course, you’re also executing the HeaderPropagationMessageHandler constructor.

The HttpClient is now ready: when we call httpClient.PostAsJsonAsync("/", item) we’re also executing all the registered DelegatingHandler instances, such as our HeaderPropagationMessageHandler. In particular, we’re executing the SendAsync method and adding the required HTTP Headers to the outgoing HTTP calls.

We will then see the same HTTP Header on the destination endpoint.

We did it!

Propagating CorrelationId to a specific HttpClient

You can also specify which headers need to be propagated on single HTTP Clients:

public static IHttpClientBuilder AddHeaderPropagation(this IHttpClientBuilder builder, Action<HeaderPropagationOptions> configure)
{
    builder.Services.AddHttpContextAccessor();
    builder.Services.Configure(builder.Name, configure);

    builder.AddHttpMessageHandler((sp) =>
    {
        var options = sp.GetRequiredService<IOptionsMonitor<HeaderPropagationOptions>>();
        var contextAccessor = sp.GetRequiredService<IHttpContextAccessor>();

        return new HeaderPropagationMessageHandler(options.Get(builder.Name), contextAccessor);
    });

    return builder;
}

Which works similarly, but registers the Handler only to a specific HttpClient.

For instance, you can have 2 distinct HttpClient that will propagate only a specific set of HTTP Headers:

builder.Services.AddHttpClient("items")
        .AddHeaderPropagation(options => options.HeaderNames.Add("my-correlation-id"));

builder.Services.AddHttpClient("customers")
        .AddHeaderPropagation(options => options.HeaderNames.Add("another-correlation-id"));

Conclusion

What a ride!

We’ve seen how to add functionalities to HttpClients and to HTTP messages. All integrated into the .NET pipeline!

We’ve learned how to propagate generic HTTP Headers. Of course, you can choose any custom HttpHeader and promote one of them as CorrelationId.

Again, I invite you to download the code and toy with it – it’s incredibly interesting 😎

Happy coding!

🐧

Source link

آگوست 12, 2025

How to log Correlation IDs in .NET APIs with Serilog | Code4IT
APIs often call other APIs to perform operations. If an error occurs in one of them, how can you understand the context that caused that error? You can use Correlation IDs in your logs!

Table of Contents

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

Correlation IDs are values that are passed across different systems to correlate the operations performed during a “macro” operation.

Most of the time they are passed as HTTP Headers – of course in systems that communicate via HTTP.

In this article, we will learn how to log those Correlation IDs using Serilog, a popular library that helps handle logs in .NET applications.

Setting up the demo dotNET project

This article is heavily code-oriented. So, let me first describe the demo project.

Overview of the project

To demonstrate how to log Correlation IDs and how to correlate logs generated by different systems, I’ve created a simple solution that handles bookings for a trip.

The “main” project, BookingSystem, fetches data from external systems by calling some HTTP endpoints; it then manipulates the data and returns an aggregate object to the caller.

BookingSystem depends on two projects, placed within the same solution: CarRentalSystem, which returns data about the available cars in a specified date range, and HotelsSystem, which does the same for hotels.

So, this is the data flow:

If an error occurs in any of those systems, can we understand the full story of the failed request? No. Unless we use Correlation IDs!

Let’s see how to add them and how to log them.

We need to propagate HTTP Headers. You could implement it from scratch, as we’ve seen in a previous article. Or we could use a native library that does it all for us.

Of course, let’s go with the second approach.

For every project that will propagate HTTP headers, we have to follow these steps.

First, we need to install Microsoft.AspNetCore.HeaderPropagation: this NuGet package allows us to add the .NET classes needed to propagate HTTP headers.

Next, we have to update the part of the project that we use to configure our application. For .NET projects with Minimal APIs, it’s the Program class.

Here we need to add the capability to read the HTTP Context, by using
builder.Services.AddHttpContextAccessor();
As you can imagine, this is needed because, to propagate HTTP Headers, we need to know which are the incoming HTTP Headers. And they can be read from the HttpContext object.

Next, we need to specify, as a generic behavior, which headers must be propagated. For instance, to propagate the “my-custom-correlation-id” header, you must add
builder.Services.AddHeaderPropagation(options => options.Headers.Add("my-custom-correlation-id"));
Then, for every HttpClient that will propagate those headers, you have to add AddHeaderPropagation(), like this:
builder.Services.AddHttpClient("cars_system", c => { c.BaseAddress = new Uri("https://localhost:7159/"); }).AddHeaderPropagation();
Finally, one last instruction that tells the application that it needs to use the Header Propagation functionality:
app.UseHeaderPropagation();
To summarize, here’s the minimal configuration to add HTTP Header propagation in a dotNET API.
public static void Main(string[] args) { var builder = WebApplication.CreateBuilder(args); builder.Services.AddControllers(); builder.Services.AddHttpContextAccessor(); builder.Services.AddHeaderPropagation(options => options.Headers.Add("my-custom-correlation-id")); builder.Services.AddHttpClient("cars_system", c => { c.BaseAddress = new Uri("https://localhost:7159/"); }).AddHeaderPropagation(); var app = builder.Build(); app.UseHeaderPropagation(); app.MapControllers(); app.Run(); }
We’re almost ready to go!

But we’re missing the central point of this article: logging an HTTP Header as a Correlation ID!

Initializing Serilog

We’ve already met Serilog several times in this blog, so I won’t repeat how to install it and how to define logs the best way possible.

We will write our logs on Seq, and we’re overriding the minimum level to skip the noise generated by .NET:
builder.Host.UseSerilog((ctx, lc) => lc .WriteTo.Seq("http://localhost:5341") .MinimumLevel.Information() .MinimumLevel.Override("Microsoft", LogEventLevel.Warning) .MinimumLevel.Override("Microsoft.AspNetCore", LogEventLevel.Warning) .Enrich.FromLogContext();
Since you probably know what’s going on, let me go straight to the point.

Install Serilog Enricher for Correlation IDs

We’re gonna use a specific library to log HTTP Headers treating them as Correlation IDs. To use it, you have to install the Serilog.Enrichers.CorrelationId package available on NuGet.

Therefore, you can simply run
dotnet add Serilog.Enrichers.CorrelationId
to every .NET project that will use this functionality.

Once we have that NuGet package ready, we can add its functionality to our logger by adding this line:
.Enrich.WithCorrelationIdHeader("my-custom-correlation-id")
This simple line tells dotnet that, when we see an HTTP Header named “my-custom-correlation-id”, we should log it as a Correlation ID.

Run it all together

Now we have everything in place – it’s time to run it!

We have to run all the 3 services at the same time (you can do it with VisualStudio or you can run them separately using a CMD), and we need to have Seq installed on our local machine.

You will see 3 instances of Swagger, and each instance is running under a different port.

Once we have all the 3 applications up and running, we can call the /Bookings endpoint passing it a date range and an HTTP Header with key “my-custom-correlation-id” and value = “123” (or whatever we want).

If everything worked as expected, we can open Seq and see all the logs we’ve written in our applications:

Open one of them and have a look at the attributes of the logs: you will see a CorrelationId field with the value set to “123”.

Now, to better demonstrate how it works, call the endpoint again, but this time set “789” as my-custom-correlation-id, and specify a different date range. You should be able to see another set of logs generated by this second call.

You can now apply filters to see which logs are related to a specific Correlation ID: open one log, click on the tick button and select “Find”.

You will then see all and only logs that were generated during the call with header my-custom-correlation-id set to “789”.

Further readings

That’s it. With just a few lines of code, you can dramatically improve your logging strategy.

You can download and run the whole demo here:

🔗 LogCorrelationId demo | GitHub

To run this project you have to install both Serilog and Seq. You can do that by following this step-by-step guide:

🔗 Logging with Serilog and Seq | Code4IT

For this article, we’ve used the Microsoft.AspNetCore.HeaderPropagation package, which is ready to use. Are you interested in building your own solution – or, at least, learning how you can do that?

🔗 How to propagate HTTP Headers (and Correlation IDs) using HttpClients in C# | Code4IT

Lastly, why not use Serilog’s Scopes? And what are they? Check it out here:

🔗 How to improve Serilog logging in .NET 6 by using Scopes | Code4IT

Wrapping up

This article concludes a sort of imaginary path that taught us how to use Serilog, how to correlate different logs within the same application using Scopes, and how to correlate logs from different services using Correlation IDs.

Using these capabilities, you will be able to write logs that can help you understand the context in which a specific log occurred, thus helping you fix errors more efficiently.

This article first appeared on Code4IT

Happy coding!

🐧
Source link
آگوست 10, 2025
How Hackers Use Vector Graphics for Phishing Attacks
Introduction

In the ever-evolving cybersecurity landscape, attackers constantly seek new ways to bypass traditional defences. One of the latest and most insidious methods involves using Scalable Vector Graphics (SVG)—a file format typically associated with clean, scalable images for websites and applications. But beneath their seemingly harmless appearance, SVGs can harbour threatening scripts capable of executing sophisticated phishing attacks.

This blog explores how SVGs are weaponized, why they often evade detection, and what organizations can do to protect themselves.

SVGs: More Than Just Images

SVG files differ fundamentally from standard image formats like JPEG or PNG. Instead of storing pixel data, SVGs use XML-based code to define vector paths, shapes, and text. This makes them ideal for responsive design, as they scale without losing quality. However, this same structure allows SVGs to contain embedded JavaScript, which can execute when the file is opened in a browser—something that happens by default on many Windows systems.

Delivery
- Email Attachments: Sent via spear-phishing emails with convincing subject lines and sender impersonation.
- Cloud Storage Links: Shared through Dropbox, Google Drive, OneDrive, etc., often bypassing email filters.
Fig:1 Attack chain of SVG campaign

The image illustrates the SVG phishing attack chain in four distinct stages: it begins with an email containing a seemingly harmless SVG attachment, which, when opened, triggers JavaScript execution in the browser, ultimately redirecting the user to a phishing site designed to steal credentials.

How the attack works:

When a target receives an SVG attachment and opens an email, the file typically launches in their default web browser—unless they have a specific application set to handle SVG files—allowing any embedded scripts to execute immediately.

Fig2: Phishing Email of SVG campaign

Attackers commonly send phishing emails with deceptive subject lines like “Reminder for your Scheduled Event 7212025.msg” or “Meeting-Reminder-7152025.msg”, paired with innocuous-looking attachments named “Upcoming Meeting.svg” or “Your-to-do-List.svg” to avoid raising suspicion. Once opened, the embedded JavaScript within the SVG file silently redirects the victim to a phishing site that closely mimics trusted services like Microsoft 365 or Google Workspace. As shown in fig.

Fig3: Malicious SVG code.

In the analyzed SVG sample, the attacker embeds a <script> tag within the SVG, using a CDATA section to hide malicious logic. The code includes a long hex-encoded string (Y) and a short XOR key (q), which decodes into a JavaScript payload when processed. This decoded payload is then executed using window.location = ‘javascript:’ + v;, effectively redirecting the victim to a phishing site upon opening the file. An unused email address variable (g.rume@mse-filterpressen.de) is likely a decoy or part of targeted delivery.

Upon decryption, we found the c2c phishing link as

hxxps://hju[.]yxfbynit[.]es/koRfAEHVFeQZ!bM9

Fig4: Cloudflare CAPTCHA gate

The link directs to a phishing site protected by a Cloudflare CAPTCHA gate. After you check the box to verify, you’re human then you’re redirected to a malicious page controlled by the attackers.

Fig5: Office 365 login form

This page embeds a genuine-looking Office 365 login form, allowing the phishing group to capture and validate your email and password credentials simultaneously.

Conclusion: Staying Ahead of SVG-Based Threats

As attackers continue to innovate, organizations must recognize the hidden risks in seemingly benign file formats like SVG. Security teams should:
- Implement deep content inspection for SVG files.
- Disable automatic browser rendering of SVGs from untrusted sources.
- Educate employees about the risks of opening unfamiliar attachments.
- Monitor for unusual redirects and script activity in email and web traffic.
SVGs may be powerful tools for developers, but in the wrong hands, they can become potent weapons for cybercriminals. Awareness and proactive defense are key to staying ahead of this emerging threat.

IOCs

c78a99a4e6c04ae3c8d49c8351818090

f68e333c9310af3503942e066f8c9ed1

2ecce89fa1e5de9f94d038744fc34219

6b51979ffae37fa27f0ed13e2bbcf37e

4aea855cde4c963016ed36566ae113b7

84ca41529259a2cea825403363074538

Authors:

Soumen Burma

Rumana Siddiqui
Source link
آگوست 7, 2025
How to deploy .NET APIs on Azure using GitHub actions | Code4IT
Building APIs with .NET is easy. Deploying them on Azure is easy too, with GitHub Actions!

Table of Contents

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

With Continuous Delivery (CD), you can deploy your code in a fast-paced and stable way.

To deploy applications, you’ll need workflows that run and automate the process. In that way, you don’t have to perform repetitive tasks and the whole process becomes less error-prone.

In this article, we will learn how to implement CD pipelines using GitHub Actions. In particular, we will focus on the case of a .NET API application that will be deployed on Azure.

Create a .NET API project

Since the focus of this article is on the deployment part, we won’t create complex APIs. Just a simple Hello Word is enough.

To do that, we’re gonna use dotnet Minimal API – a way to create APIs without scaffolding lots of files and configurations.

Our API, the BooksAPI, has a single endpoint: /, the root, simply returns “Hello World!”.

All our code is stored in the Program file:
var builder = WebApplication.CreateBuilder(args); var app = builder.Build(); app.UseHttpsRedirection(); app.MapGet("/", () => "Hello World!"); app.Run();
Nothing fancy: run the application locally, and navigate to the root. You will see the Hello World message.

Lastly, put your code on GitHub: initialize a repository and publish it on GitHub – it can either be a public or a private repository.

Create an App Service on Azure

Now, to deploy an application, we need to define its destination. We’re going to deploy it on Azure, so you need an Azure account before moving on.

Open the Azure Portal, navigate to the App Service section, and create a new one.

Configure it as you wish, and then proceed until you have it up and running.

Once everything is done, you should have something like this:

Now the application is ready to be used: we now need to deploy our code here.

Generate the GitHub Action YAML file for deploying .NET APIs on Azure

It’s time to create our Continuous Delivery pipeline.

Luckily, GitHub already provides lots of templates for GitHub Actions. We will need one specific for our .NET APIs.

On GitHub, navigate to your repository, head to the Actions menu, and select New workflow.

You will see several predefined actions that allow you to do stuff with your repository. We are now interested in the one called “Deploy a .NET Core app to an Azure Web App”:

Clicking on “Configure” you will see a template. Read carefully the instructions, as they will guide you to the correct configuration of the GitHub action.

In particular, you will have to update the environment variables specified in this section:
env: AZURE_WEBAPP_NAME: your-app-name # set this to the name of your Azure Web App AZURE_WEBAPP_PACKAGE_PATH: "." # set this to the path to your web app project, defaults to the repository root DOTNET_VERSION: "5" # set this to the .NET Core version to use
Clearly, AZURE_WEBAPP_NAME must match the name you’ve defined on Azure, while DOTNET_VERSION must match the version you’re using to create your dotnet APIs.

For my specific project, I’ve replaced that section with
env: AZURE_WEBAPP_NAME: BooksAPI<myName> # set this to the name of your Azure Web App AZURE_WEBAPP_PACKAGE_PATH: "." # set this to the path to your web app project, defaults to the repository root DOTNET_VERSION: "6.0" # set this to the .NET Core version to use
🟧 DOTNET_VERSION requires also the minor version of dotnet. Setting 6 will now work: you need to specify 6.0. 🟧

Now you can save your YAML file in your repository: it will be saved under ./.github/workflows.

So, as a reference, here’s the full YAML file I’m using to deploy my APIs:
name: Build and deploy ASP.Net Core app to an Azure Web App env: AZURE_WEBAPP_NAME: BooksAPI<myName> AZURE_WEBAPP_PACKAGE_PATH: "." DOTNET_VERSION: "6.0" on: push: branches: ["master"] workflow_dispatch: permissions: contents: read jobs: build: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - name: Set up .NET Core uses: actions/setup-dotnet@v2 with: dotnet-version: ${{ env.DOTNET_VERSION }} - name: Set up dependency caching for faster builds uses: actions/cache@v3 with: path: ~/.nuget/packages key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} restore-keys: | ${{ runner.os }}-nuget- - name: Build with dotnet run: dotnet build --configuration Release - name: dotnet publish run: dotnet publish -c Release -o ${{env.DOTNET_ROOT}}/myapp - name: Upload artifact for deployment job uses: actions/upload-artifact@v3 with: name: .net-app path: ${{env.DOTNET_ROOT}}/myapp deploy: permissions: contents: none runs-on: ubuntu-latest needs: build environment: name: "Development" url: ${{ steps.deploy-to-webapp.outputs.webapp-url }} steps: - name: Download artifact from build job uses: actions/download-artifact@v3 with: name: .net-app - name: Deploy to Azure Web App id: deploy-to-webapp uses: azure/webapps-deploy@v2 with: app-name: ${{ env.AZURE_WEBAPP_NAME }} publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }}
As you can see, we have 2 distinct steps: build and deploy.

In the build phase, we check out our code, restore the NuGet dependencies, build the project, pack it and store the final result as an artifact.

In the deploy step, we retrieve the newly created artifact and publish it on Azure.

Store the Publish profile as GitHub Secret

As you can see in the instructions of the workflow file, you have to

Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE, paste the publish profile contents as the value of the secret.

That Create a secret in your repository named AZURE_WEBAPP_PUBLISH_PROFILE statement was not clear to me: I thought you had to create that key within your .NET project. Turns out you can create secrets related to repositories on GitHub (so, it’s language-agnostic).

A Publish profile is a file that contains information and settings used to deploy applications to Azure. It’s nothing but an XML file that lists the possible ways to deploy your application, such as FTP, Web Deploy, Zip Deploy, and so on.

We have to get our publish profile and save it into GitHub secrets.

To retrieve the Publish profile, head to the Azure App Service page and click Get publish profile to download the file.

Now, get back on GitHub, Head to Settings > Security > Secrets > Actions.

Here you can create a new secret related to your repository.

Create a new one, name it AZURE_WEBAPP_PUBLISH_PROFILE, and paste the content of the Publish profile file you’ve just downloaded.

You will then see something like this:

Notice that the secret name must be AZURE_WEBAPP_PUBLISH_PROFILE. That constraint is set because we are accessing the Publish profile by key:
- name: Deploy to Azure Web App id: deploy-to-webapp uses: azure/webapps-deploy@v2 with: app-name: ${{ env.AZURE_WEBAPP_NAME }} publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} package: ${{ env.AZURE_WEBAPP_PACKAGE_PATH }}
In particular, notice the publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }} part.

Clearly, the two names must match: nothing stops you from changing the name of the secret in both the YAML file and the GitHub Secret page.

Final result

It’s time to see the final result.

Update the application code (I’ve slightly modified the Hello world message), and push your changes to GitHub.

Under the Actions tab, you will see your CD pipeline run.

Once it’s completed, you can head to your application root and see the final result.

Further readings

Automating repetitive tasks allows you to perform more actions with fewer errors. Generally speaking, the more stuff you can automate, the better.

My own blog heavily relies on automation: scaffolding content, tracking ideas, and publishing online…

If you want to peek at what I do, here are my little secrets:

🔗 From idea to publishing, and beyond: how I automated my blogging workflow with GitHub, PowerShell, and Azure | Code4IT

In this article, we’ve only built and deployed our application. We can do more: run tests and keep track of code coverage. If you want to learn how you can do it using Azure DevOps, here we go:

🔗 Cobertura, YAML, and Code Coverage Protector: how to view Code Coverage report on Azure DevOps | Code4IT

This article first appeared on Code4IT 🐧

Wrapping up

I have to admit that I struggled a lot in setting up the CD pipeline. I was using the one proposed by default on Visual Studio – but it didn’t work.

Using the template found on GitHub worked almost instantly – I just had to figure out what did they mean by repository secrets.

Now we have everything in place. Since the workflow is stored in a text file within my repository, if I have to create and deploy a new API project I can simply do that by copying that file and fixing the references.

Nice and easy, right? 😉

Happy coding!

🐧
Source link
آگوست 5, 2025
How to create an API Gateway using Azure API Management | Code4IT
In a microservices architecture, an API Gateway hides your real endpoints. We will create one using Azure API Management

Table of Contents

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

If you’re building an application that exposes several services you might not want to expose them on different hosts. Consumers will have a hard time configuring their application with all the different hostnames, and you will be forced to maintain the same URLs even if you need to move to other platforms or, for instance, you want to transform a REST endpoint into an Azure Function.

In this case, you should mask the real endpoints beneath a facade: maybe… an API Gateway? 🙂

In this article, we will learn how to configure Azure API Management (from now on: APIM) service to create an API Gateway and “hide” our real services.

Demo: publish .NET API services and locate the OpenAPI definition

For the sake of this article, we will work with 2 API services: BooksService and VideosService.

They are both .NET 6 APIs, deployed on Azure using GitHub Actions (using the steps I described in a previous article).

Both services expose their Swagger pages and a bunch of endpoints that we will gonna hide behind Azure APIM.

How to create Azure API Management (APIM) Service from Azure Portal

Now, we want to hide their real endpoints. The clients will then only know about the existence of the API Gateway, and not of the two separate API services:

It’s time to create our APIM resource.👷‍♂️

Head to the Azure Portal, and create a new API Management instance. I suggest reading the short overview of the functionalities provided by Azure API Management services as listed in the screenshot below.

The wizard will ask you for some info, such as the resource name, the region, and an email used to send communications (honestly speaking, I still haven’t figured out why they’re asking for your email).

Fill in all the fields, pick your preferred pricing tier (mine is Developer: it doesn’t have an SLA and is quite cheap), and then proceed with the service creation.

After several minutes (it took 50 minutes – fifty!💢 – to scaffold my instance), you will have your instance ready to be used.

We are now ready to add our APIs and expose them to our clients.

How to add APIs to Azure API Management using Swagger definition (OpenAPI)

As we’ve seen in a previous article, Swagger creates a JSON file that describes the operations available in your APIs, as well as the object structures accepted as input and returned as output.

Let me use as an example the Books API: once that API project is deployed on the cloud (it’s not mandatory to use Azure: it will work the same using other cloud vendors), you will see the Swagger UI and the related JSON definition.

We have 3 endpoints, /, /echo, and /books; those endpoints are described in the swagger.json file linked in the Swagger page; put that link aside: we will use it soon.

Finally, we can add our Books APIs to our Azure Management API Service! Head to the resource on Azure, locate the APIs menu item on the left panel, and create a new API definition using OpenAPI (which is the standard used by Swagger to create its UI).

You will see a form that allows you to create new resources from OpenAPI specifications.

Paste here the link to the swagger.json file you located before, populate the required fields and, if you want, add a prefix to identify these endpoints: I choose MyBooks.

You will then see your APIs appear in the panel shown below. It is composed of different parts:
- The list of services exposed. In the screenshot below, BooksAPI, Echo API, and VideosAPI;
- The list of endpoints exposed for each service: here, BooksAPI exposes endpoints at /, /echo, and /books;
- A list of policies that are applied to the inbound requests before hitting the real endpoint;
- The real endpoint used when calling the facade exposed by APIM;
- A list of policies applied to the outbound requests after the origin has processed the requests.
For now, we will ignore both Inbound and Outbound processing, as they will be the topic of a future article.

Consuming APIs exposed on the API Gateway

We’re ready to go! Head back to the Azure API Management service dashboard and locate the URL of the API Gateway under Custom domains > Gateway URL.

This will be the root URL that our clients will use.

We can then access Books API and Videos API both on the Origin and the Gateway (we’re doing it just for demonstrating that things are working; clients will only use the APIs exposed by the API Gateway).

The Videos API maintains the exact same structure, mapping the endpoints as they are defined in Origin.

On the contrary, to access the Books APIs we have to access the /mybooks path (because we defined it a few steps ago when we imported the BooksAPI from OpenAPI definition: it’s the API Url Suffix field), as shown below:

Further readings

As usual, a bunch of interesting readings 📚

In this article, we’ve only scratched the surface of Azure API Management. There’s way lot – and you can read about it on the Microsoft Docs website:

🔗 What is Azure API Management? | Microsoft docs

To integrate Azure APIM, we used two simple dotNET 6 Web APIs deployed on Azure. If you wanna know how to set up GitHub Actions to build and deploy dotNET APIs, I recently published an article on that topic.

🔗 How to deploy .NET APIs on Azure using GitHub actions | Code4IT

Lastly, since we’ve talked about Swagger, here’s an article where I dissected how you can integrate Swagger in dotNET Core applications:

🔗 Understanding Swagger integration in .NET Core | Code4IT

This article first appeared on Code4IT 🐧

Wrapping up

This can be just the beginning of a long journey; APIM allows you to highly customize your API Gateway by defining API access by user role, creating API documentation using custom templates and themes, and a lot of different stuff.

We will come back to this topic soon.

Happy coding!

🐧
Source link
آگوست 3, 2025
How to customize Swagger UI with custom CSS in .NET 7 | Code4IT
Exposing Swagger UI is a good way to help developers consume your APIs. But don’t be boring: customize your UI with some fancy CSS

Table of Contents

Just a second! 🫷
If you are here, it means that you are a software developer.
So, you know that storage, networking, and domain management have a cost .

If you want to support this blog, please ensure that you have disabled the adblocker for this site.
I configured Google AdSense to show as few ADS as possible – I don’t want to bother you with lots of ads, but I still need to add some to pay for the resources for my site.

Thank you for your understanding.
– Davide

Brace yourself, Christmas is coming! 🎅

If you want to add a more festive look to your Swagger UI, it’s just a matter of creating a CSS file and injecting it.

You should create a custom CSS for your Swagger endpoints, especially if you are exposing them outside your company: if your company has a recognizable color palette, using it in your Swagger pages can make your brand stand out.

In this article, we will learn how to inject a CSS file in the Swagger UI generated using .NET Minimal APIs.

How to add Swagger in your .NET Minimal APIs

There are plenty of tutorials about how to add Swagger to your APIs. I wrote some too, where I explained how every configuration impacts what you see in the UI.

That article was targeting older dotNET versions without Minimal APIs. Now everything’s easier.

When you create your API project, Visual Studio asks you if you want to add OpenAPI support (aka Swagger). By adding it, you will have everything in place to get started with Swagger.

You Minimal APIs will look like this:
public static void Main(string[] args) { var builder = WebApplication.CreateBuilder(args); builder.Services.AddEndpointsApiExplorer(); builder.Services.AddSwaggerGen(); var app = builder.Build(); app.UseSwagger(); app.UseSwaggerUI(); app.MapGet("/weatherforecast", (HttpContext httpContext) => { // return something }) .WithName("GetWeatherForecast") .WithOpenApi(); app.Run(); }
The key parts are builder.Services.AddEndpointsApiExplorer(), builder.Services.AddSwaggerGen(), app.UseSwagger(), app.UseSwaggerUI() and WithOpenApi(). Do you know that those methods do? If so, drop a comment below! 📩

Now, if we run our application, we will see a UI similar to the one below.

That’s a basic UI. Quite boring, uh? Let’s add some style

Create the CSS file for Swagger theming

All the static assets must be stored within the wwwroot folder. It does not exist by default, so you have to create it manually. Click on the API project, add a new folder, and name it “wwwroot”. Since it’s a special folder, by default Visual Studio will show it with a special icon (it’s a sort of blue world, similar to 🌐).

Now you can add all the folders and static resources needed.

I’ve created a single CSS file under /wwwroot/assets/css/xmas-style.css. Of course, name it as you wish – as long as it is within the wwwroot folder, it’s fine.

My CSS file is quite minimal:
body { background-image: url("../images/snowflakes.webp"); } div.topbar { background-color: #34a65f !important; } h2, h3 { color: #f5624d !important; } .opblock-summary-get > button > span.opblock-summary-method { background-color: #235e6f !important; } .opblock-summary-post > button > span.opblock-summary-method { background-color: #0f8a5f !important; } .opblock-summary-delete > button > span.opblock-summary-method { background-color: #cc231e !important; }
There are 3 main things to notice:
1. the element selectors are taken directly from the Swagger UI – you’ll need a bit of reverse-engineering skills: just open the Browser Console and find the elements you want to update;
2. unless the element does not already have the rule you want to apply, you have to add the !important CSS operator. Otherwise, your code won’t affect the UI;
3. you can add assets from other folders: I’ve added background-image: url("../images/snowflakes.webp"); to the body style. That image is, as you can imagine, under the wwwroot folder we created before.
Just as a recap, here’s my project structure:

Of course, it’s not enough: we have to tell Swagger to take into consideration that file

How to inject a CSS file in Swagger UI

This part is quite simple: you have to update the UseSwaggerUI command within the Main method:
app.UseSwaggerUI(c => + c.InjectStylesheet("/assets/css/xmas-style.css") );
Notice how that path begins: no wwwroot, no ~, no .. It starts with /assets.

One last step: we have to tell dotNET to consider static files when building and running the application.

You just have to add UseStaticFiles()

After builder.Build():
var app = builder.Build(); + app.UseStaticFiles(); app.UseSwagger(); app.UseSwaggerUI(c => c.InjectStylesheet("/assets/css/xmas-style.css") );
Now we can run our APIs as admire our wonderful Xmas-style UI 🎅

Further readings

This article is part of 2022 .NET Advent, created by Dustin Moris 🐤:

🔗 dotNET Advent Calendar 2022

CSS is not the only part you can customize, there’s way more. Here’s an article I wrote about Swagger integration in .NET Core 3 APIs, but it’s still relevant (I hope! 😁)

🔗 Understanding Swagger integration in .NET Core | Code4IT

This article first appeared on Code4IT

Wrapping up

Theming is often not considered an important part of API development. That’s generally correct: why should I bother adding some fancy colors to APIs that are not expected to have a UI?

This makes sense if you’re working on private APIs. In fact, theming is often useful to improve brand recognition for public-facing APIs.

You should also consider using theming when deploying APIs to different environments: maybe Blue for Development, Yellow for Staging, and Green for Production. That way your developers can understand which environment they’re exploring right easily.

Happy coding!
🐧
Source link
جولای 31, 2025