Microsoft.AspNetCore.Server.Kestrel.Core

Feature for efficiently handling connection timeouts.

Close the connection after the specified positive finite unless the timeout is canceled or reset. This will fail if there is an ongoing timeout.

Close the connection after the specified positive finite unless the timeout is canceled or reset. This will cancel any ongoing timeouts.

Prevent the connection from closing after a timeout specified by or .

A connection feature allowing middleware to stop counting connections towards . This is used by Kestrel internally to stop counting upgraded connections towards this limit.

Idempotent method to stop counting a connection towards .

Feature to set the minimum data rate at which the the request body must be sent by the client. This feature is not available for HTTP/2 requests. Instead, use for server-wide configuration which applies to both HTTP/2 and HTTP/1.x.

The minimum data rate in bytes/second at which the request body must be sent by the client. Setting this property to null indicates no minimum data rate should be enforced. This limit has no effect on upgraded connections which are always unlimited. This feature is not available for HTTP/2 requests. Instead, use for server-wide configuration which applies to both HTTP/2 and HTTP/1.x.

Feature to set the minimum data rate at which the response must be received by the client. This feature is not available for HTTP/2 requests. Instead, use for server-wide configuration which applies to both HTTP/2 and HTTP/1.x.

The minimum data rate in bytes/second at which the response must be received by the client. Setting this property to null indicates no minimum data rate should be enforced. This limit has no effect on upgraded connections which are always unlimited. This feature is not available for HTTP/2 requests. Instead, use for server-wide configuration which applies to both HTTP/2 and HTTP/1.x.

Limits only applicable to HTTP/2 connections.

Limits the number of concurrent request streams per HTTP/2 connection. Excess streams will be refused. Value must be greater than 0, defaults to 100

Limits the size of the header compression table, in octets, the HPACK decoder on the server can use. Value must be greater than 0, defaults to 4096

Indicates the size of the largest frame payload that is allowed to be received, in octets. The size must be between 2^14 and 2^24-1. Value must be between 2^14 and 2^24, defaults to 2^14 (16,384)

Indicates the size of the maximum allowed size of a request header field sequence. This limit applies to both name and value sequences in their compressed and uncompressed representations. Value must be greater than 0, defaults to 8192

Indicates how much request body data the server is willing to receive and buffer at a time aggregated across all requests (streams) per connection. Note requests are also limited by Value must be greater than or equal to 65,535 and less than 2^31, defaults to 128 kb.

Indicates how much request body data the server is willing to receive and buffer at a time per stream. Note connections are also limited by Value must be greater than or equal to 65,535 and less than 2^31, defaults to 96 kb.

Returns an for the given host an port. If the host parameter isn't "localhost" or an IP address, use IPAddress.Any.

Decodes a Huffman encoded string from a byte array.

The source byte array containing the encoded data. The destination byte array to store the decoded data. The number of decoded symbols.

Decodes a single symbol from a 32-bit word.

A 32-bit word containing a Huffman encoded symbol. The number of bits in that may contain an encoded symbol. This is not the exact number of bits that encode the symbol. Instead, it prevents decoding the lower bits of if they don't contain any encoded data. The number of bits decoded from . The decoded symbol.

The maximum we will decode is Int32.MaxValue, which is also the maximum request header field size.

Callers must ensure higher bits above the prefix are cleared before calling this method.

Manages the generation of the date header value.

Returns a value representing the current server date/time for use in the HTTP "Date" response header in accordance with http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.18

The value in string and byte[] format.

Sets date values from a provided ticks value

A DateTimeOffset value

Immediately kill the connection and poison the request body stream with an error.

Stops the request processing loop between requests. Called on all active connections when the server wants to initiate a shutdown and after a keep-alive timeout.

http://tools.ietf.org/html/rfc2616#section-3.6.1

The request id.

Connections that have been switched to a different protocol.

The endpoint Kestrel will bind to if nothing else is specified.

The endpoint Kestrel will bind to if nothing else is specified and a default certificate is available.

Prefix of host name used to specify Unix sockets in the configuration.

Prefix of host name used to specify pipe file descriptor in the configuration.

Prefix of host name used to specify socket descriptor in the configuration.

Summary description for Disposable

Checks that up to 8 bytes from correspond to a known HTTP method.

A "known HTTP method" can be an HTTP method name defined in the HTTP/1.1 RFC. Since all of those fit in at most 8 bytes, they can be optimally looked up by reading those bytes as a long. Once in that format, it can be checked against the known method. The Known Methods (CONNECT, DELETE, GET, HEAD, PATCH, POST, PUT, OPTIONS, TRACE) are all less than 8 bytes and will be compared with the required space. A mask is used if the Known method is less than 8 bytes. To optimize performance the GET method will be checked first. true if the input matches a known string, false otherwise.

Parses string for a known HTTP method.

A "known HTTP method" can be an HTTP method name defined in the HTTP/1.1 RFC. The Known Methods (CONNECT, DELETE, GET, HEAD, PATCH, POST, PUT, OPTIONS, TRACE)

Checks 9 bytes from correspond to a known HTTP version.

A "known HTTP version" Is is either HTTP/1.0 or HTTP/1.1. Since those fit in 8 bytes, they can be optimally looked up by reading those bytes as a long. Once in that format, it can be checked against the known versions. The Known versions will be checked with the required '\r'. To optimize performance the HTTP/1.1 will be checked first. true if the input matches a known string, false otherwise.

Checks 9 bytes from correspond to a known HTTP version.

Checks 8 bytes from that correspond to 'http://' or 'https://'

The span A reference to the known scheme, if the input matches any True when memory starts with known http or https schema

Abstracts the system clock to facilitate testing.

Retrieves the current system time in UTC.

A faster version of String.Concat(, , .ToString("X8"))

Provides access to the normal system clock.

Retrieves the current system time in UTC.

This wraps PipeWriter.FlushAsync() in a way that allows multiple awaiters making it safe to call from publicly exposed Stream implementations while also tracking response data rate.

Gets or sets the maximum size of the response buffer before write calls begin to block or return tasks that don't complete until the buffer size drops below the configured limit. Defaults to 65,536 bytes (64 KB).

When set to null, the size of the response buffer is unlimited. When set to zero, all write calls will block or return tasks that don't complete until the entire response buffer is flushed.

Gets or sets the maximum size of the request buffer. Defaults to 1,048,576 bytes (1 MB).

When set to null, the size of the request buffer is unlimited.

Gets or sets the maximum allowed size for the HTTP request line. Defaults to 8,192 bytes (8 KB).

For HTTP/2 this measures the total size of the required pseudo headers :method, :scheme, :authority, and :path.

Gets or sets the maximum allowed size for the HTTP request headers. Defaults to 32,768 bytes (32 KB).

Gets or sets the maximum allowed number of headers per HTTP request. Defaults to 100.

Gets or sets the maximum allowed size of any request body in bytes. When set to null, the maximum request body size is unlimited. This limit has no effect on upgraded connections which are always unlimited. This can be overridden per-request via . Defaults to 30,000,000 bytes, which is approximately 28.6MB.

Gets or sets the keep-alive timeout. Defaults to 2 minutes.

Gets or sets the maximum amount of time the server will spend receiving request headers. Defaults to 30 seconds.

Gets or sets the maximum number of open connections. When set to null, the number of connections is unlimited. Defaults to null.

When a connection is upgraded to another protocol, such as WebSockets, its connection is counted against the limit instead of .

Gets or sets the maximum number of open, upgraded connections. When set to null, the number of upgraded connections is unlimited. An upgraded connection is one that has been switched from HTTP to another protocol, such as WebSockets. Defaults to null.

When a connection is upgraded to another protocol, such as WebSockets, its connection is counted against the limit instead of .

Limits only applicable to HTTP/2 connections.

Gets or sets the request body minimum data rate in bytes/second. Setting this property to null indicates no minimum data rate should be enforced. This limit has no effect on upgraded connections which are always unlimited. This can be overridden per-request via . Defaults to 240 bytes/second with a 5 second grace period.

Gets or sets the response minimum data rate in bytes/second. Setting this property to null indicates no minimum data rate should be enforced. This limit has no effect on upgraded connections which are always unlimited. This can be overridden per-request via . Defaults to 240 bytes/second with a 5 second grace period.

Contrary to the request body minimum data rate, this rate applies to the response status line and headers as well. This rate is enforced per write operation instead of being averaged over the life of the response. Whenever the server writes a chunk of data, a timer is set to the maximum of the grace period set in this property or the length of the write in bytes divided by the data rate (i.e. the maximum amount of time that write should take to complete with the specified data rate). The connection is aborted if the write has not completed by the time that timer expires.

Provides programmatic configuration of Kestrel-specific features.

Configures the endpoints that Kestrel should listen to.

If this list is empty, the server.urls setting (e.g. UseUrls) is used.

Gets or sets whether the Server header should be included in each response.

Defaults to true.

Gets or sets a value that determines how Kestrel should schedule user callbacks.

The default mode is

Gets or sets a value that controls whether synchronous IO is allowed for the and

Defaults to true.

Enables the Listen options callback to resolve and use services registered by the application during startup. Typically initialized by UseKestrel()"/>.

Provides access to request limit options.

Provides a configuration source where endpoints will be loaded from on server start. The default is null.

A default configuration action for all endpoints. Use for Listen, configuration, the default url, and URLs.

A default configuration action for all https endpoints.

The default server certificate for https endpoints. This is applied lazily after HttpsDefaults and user options.

Has the default dev certificate load been attempted?

Specifies a configuration Action to run for each newly created endpoint. Calling this again will replace the prior action.

Specifies a configuration Action to run for each newly created https endpoint. Calling this again will replace the prior action.

Creates a configuration loader for setting up Kestrel.

Creates a configuration loader for setting up Kestrel that takes an IConfiguration as input. This configuration must be scoped to the configuration section for Kestrel.

Bind to given IP address and port.

Bind to given IP address and port. The callback configures endpoint-specific settings.

Bind to given IP endpoint.

Bind to given IP address and port. The callback configures endpoint-specific settings.

Listens on ::1 and 127.0.0.1 with the given port. Requesting a dynamic port by specifying 0 is not supported for this type of endpoint.

Listens on all IPs using IPv6 [::], or IPv4 0.0.0.0 if IPv6 is not supported.

Bind to given Unix domain socket path.

Bind to given Unix domain socket path. Specify callback to configure endpoint-specific settings.

Open a socket file descriptor.

Open a socket file descriptor. The callback configures endpoint-specific settings.

Describes either an , Unix domain socket path, or a file descriptor for an already open socket that Kestrel should bind to or open.

The type of interface being described: either an , Unix domain socket path, or a file descriptor.

The to bind to. Only set if the is .

The absolute path to a Unix domain socket to bind to. Only set if the is .

A file descriptor for the socket to open. Only set if the is .

Enables an to resolve and use services registered by the application during startup. Only set if accessed from the callback of a Listen* method.

Set to false to enable Nagle's algorithm for all connections.

Defaults to true.

The protocols enabled on this endpoint.

Defaults to HTTP/1.x.

Gets the that allows each connection to be intercepted and transformed. Configured by the UseHttps() and extension methods.

Defaults to empty.

Gets the name of this endpoint to display on command-line when the web server starts.

Creates a new instance of .

The minimum rate in bytes/second at which data should be processed. The amount of time to delay enforcement of , starting at the time data is first read or written.

The minimum rate in bytes/second at which data should be processed.

The amount of time to delay enforcement of , starting at the time data is first read or written.

Bad request.

Bad chunk size data.

Bad chunk suffix.

Chunked request incomplete.

The message body length cannot be determined because the final transfer coding was set to '{detail}' instead of 'chunked'.

Request headers too long.

Invalid characters in header name.

Invalid content length: {detail}

Invalid Host header.

Invalid Host header: '{detail}'

Invalid request headers: missing final CRLF in header fields.

Invalid request header: '{detail}'

Invalid request line.

Invalid request line: '{detail}'

Invalid request target: '{detail}'

{detail} request contains no Content-Length or Transfer-Encoding header.

{detail} request contains no Content-Length header.

Malformed request: invalid headers.

Method not allowed.

Request is missing Host header.

Multiple Content-Length headers.

Multiple Host headers.

Request line too long.

Reading the request headers timed out.

Request contains too many headers.

Unexpected end of request content.

Unrecognized HTTP version: '{detail}'

Requests with 'Connection: Upgrade' cannot have content in the request body.

Failed to bind to http://[::]:{port} (IPv6Any). Attempting to bind to http://0.0.0.0:{port} instead.

Cannot write to response body after connection has been upgraded.

Kestrel does not support big-endian architectures.

Maximum request buffer size ({requestBufferSize}) must be greater than or equal to maximum request header size ({requestHeaderSize}).

Maximum request buffer size ({requestBufferSize}) must be greater than or equal to maximum request line size ({requestLineSize}).

Server has already started.

Unknown transport mode: '{mode}'.

Invalid non-ASCII or control character in header: {character}

Invalid Content-Length: "{value}". Value must be a positive integral number.

Value must be null or a non-negative number.

Value must be a non-negative number.

Value must be a positive number.

Value must be null or a positive number.

Unix socket path must be absolute.

Failed to bind to address {address}.

No listening endpoints were configured. Binding to {address} by default.

HTTPS endpoints can only be configured using {methodName}.

A path base can only be configured using {methodName}.

Dynamic port binding is not supported when binding to localhost. You must either bind to 127.0.0.1:0 or [::1]:0, or both.

Failed to bind to address {endpoint}: address already in use.

Invalid URL: '{url}'.

Unable to bind to {address} on the {interfaceName} interface: '{error}'.

Overriding address(es) '{addresses}'. Binding to endpoints defined in {methodName} instead.

Overriding endpoints defined in UseKestrel() because {settingName} is set to true. Binding to address(es) '{addresses}' instead.

Unrecognized scheme in server address '{address}'. Only 'http://' is supported.

Headers are read-only, response has already started.

An item with the same key has already been added.

Setting the header {name} is not allowed on responses with status code {statusCode}.

{name} cannot be set because the response has already started.

Request processing didn't complete within the shutdown timeout.

Response Content-Length mismatch: too few bytes written ({written} of {expected}).

Response Content-Length mismatch: too many bytes written ({written} of {expected}).

The response has been aborted due to an unhandled application exception.

Writing to the response body is invalid for responses with status code {statusCode}.

Connection shutdown abnormally.

Connection processing ended abnormally.

Cannot upgrade a non-upgradable request. Check IHttpUpgradeFeature.IsUpgradableRequest to determine if a request can be upgraded.

Request cannot be upgraded because the server has already opened the maximum number of upgraded connections.

IHttpUpgradeFeature.UpgradeAsync was already called and can only be called once per connection.

Request body too large.

The maximum request body size cannot be modified after the app has already started reading from the request body.

The maximum request body size cannot be modified after the request has been upgraded.

Value must be a positive TimeSpan.

Value must be a non-negative TimeSpan.

The request body rate enforcement grace period must be greater than {heartbeatInterval} second.

Synchronous operations are disallowed. Call ReadAsync or set AllowSynchronousIO to true instead.

Synchronous operations are disallowed. Call WriteAsync or set AllowSynchronousIO to true instead.

Value must be a positive number. To disable a minimum data rate, use null where a MinDataRate instance is expected.

Concurrent timeouts are not supported.

Timespan must be positive and finite.

An endpoint must be configured to serve at least one protocol.

HTTP/2 over TLS was not negotiated on an HTTP/2-only endpoint.

A dynamic table size of {size} octets is greater than the configured maximum size of {maxSize} octets.

Index {index} is outside the bounds of the header field table.

Input data could not be fully decoded.

Input data contains the EOS symbol.

The destination buffer is not large enough to store the decoded data.

Huffman decoding error.

Decoded string length of {length} octets is greater than the configured maximum length of {maxStringLength} octets.

The header block was incomplete and could not be fully decoded.

The client sent a {frameType} frame with even stream ID {streamId}.

The client sent a A PUSH_PROMISE frame.

The client sent a {frameType} frame to stream ID {streamId} before signaling of the header block for stream ID {headersStreamId}.

The client sent a {frameType} frame with stream ID 0.

The client sent a {frameType} frame with stream ID different than 0.

The client sent a {frameType} frame with padding longer than or with the same length as the sent data.

The client sent a {frameType} frame to closed stream ID {streamId}.

The client sent a {frameType} frame to stream ID {streamId} which is in the "half-closed (remote) state".

The client sent a {frameType} frame with dependency information that would cause stream ID {streamId} to depend on itself.

The client sent a {frameType} frame with length different than {expectedLength}.

The client sent a SETTINGS frame with a length that is not a multiple of 6.

The client sent a SETTINGS frame with ACK set and length different than 0.

The client sent a SETTINGS frame with a value for parameter {parameter} that is out of range.

The client sent a WINDOW_UPDATE frame with a window size increment of 0.

The client sent a CONTINUATION frame not preceded by a HEADERS frame.

The client sent a {frameType} frame to idle stream ID {streamId}.

The client sent trailers containing one or more pseudo-header fields.

The client sent a header with uppercase characters in its name.

The client sent a trailer with uppercase characters in its name.

The client sent a HEADERS frame containing trailers without setting the END_STREAM flag.

Request headers missing one or more mandatory pseudo-header fields.

Pseudo-header field found in request headers after regular header fields.

Request headers contain unknown pseudo-header field.

Request headers contain response-specific pseudo-header field.

Request headers contain duplicate pseudo-header field.

Request headers contain connection-specific header field.

Unable to configure default https bindings because no IDefaultHttpsProvider service was provided.

Failed to authenticate HTTPS connection.

Authentication of the HTTPS connection timed out.

Certificate {thumbprint} cannot be used as an SSL server certificate. It has an Extended Key Usage extension but the usages do not include Server Authentication (OID 1.3.6.1.5.5.7.3.1).

Value must be a positive TimeSpan.

The server certificate parameter is required.

No listening endpoints were configured. Binding to {address0} and {address1} by default.

The requested certificate {subject} could not be found in {storeLocation}/{storeName} with AllowInvalid setting: {allowInvalid}.

The endpoint {endpointName} is missing the required 'Url' parameter.

Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found. To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'. For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.

The endpoint {endpointName} specified multiple certificate sources.

Cannot write to the response body, the response has completed.

Reading the request body timed out due to data arriving too slowly. See MinRequestBodyDataRate.

The connection was aborted by the application.

The connection was aborted because the server is shutting down and request processing didn't complete within the time specified by HostOptions.ShutdownTimeout.

The connection was timed out by the server because the response was not read by the client at the specified minimum data rate.

The connection was timed out by the server.

The received frame size of {size} exceeds the limit {limit}.

Tls 1.2 or later must be used for HTTP/2. {protocol} was negotiated.

Invalid HTTP/2 connection preface.

Header name cannot be a null or empty string.

The connection or stream was aborted because a write operation was aborted with a CancellationToken.

The client sent a SETTINGS frame with a SETTINGS_INITIAL_WINDOW_SIZE that caused a flow-control window to exceed the maximum size.

The client sent a WINDOW_UPDATE frame that caused a flow-control window to exceed the maximum size.

The HTTP/2 connection faulted.

The client reset the request stream.

The request stream was aborted.

The client sent more data than what was available in the flow-control window.

CONNECT requests must not send :scheme or :path headers.

The Method '{method}' is invalid.

The request :path is invalid: '{path}'

The request :scheme header '{requestScheme}' does not match the transport scheme '{transportScheme}'.

Less data received than specified in the Content-Length header.

More data received than specified in the Content-Length header.

An error occurred after the response headers were sent, a reset is being sent.

A new stream was refused because this connection has reached its stream limit.

A value greater than zero is required.

A value between {min} and {max} is required.

Dynamic tables size update did not occur at the beginning of the first header block.

The given buffer was too small to encode any headers.

The decoded integer exceeds the maximum value of Int32.MaxValue.

The client closed the connection.

A frame of type {frameType} was received after stream {streamId} was reset or aborted.

Describes the client certificate requirements for a HTTPS connection.

A client certificate is not required and will not be requested from clients.

A client certificate will be requested; however, authentication will not fail if a certificate is not provided by the client.

A client certificate will be requested, and the client must provide a valid certificate for authentication to succeed.

Settings for how Kestrel should handle HTTPS connections.

Initializes a new instance of .

Specifies the server certificate used to authenticate HTTPS connections. This is ignored if ServerCertificateSelector is set. If the server certificate has an Extended Key Usage extension, the usages must include Server Authentication (OID 1.3.6.1.5.5.7.3.1).

A callback that will be invoked to dynamically select a server certificate. This is higher priority than ServerCertificate. If SNI is not available then the name parameter will be null. If the server certificate has an Extended Key Usage extension, the usages must include Server Authentication (OID 1.3.6.1.5.5.7.3.1).

Specifies the client certificate requirements for a HTTPS connection. Defaults to .

Specifies a callback for additional client certificate validation that will be invoked during authentication.

Specifies allowable SSL protocols. Defaults to and .

The protocols enabled on this endpoint.

Defaults to HTTP/1.x only.

Specifies whether the certificate revocation list is checked during authentication.

Specifies the maximum amount of time allowed for the TLS/SSL handshake. This must be positive and finite.

Specifies a configuration Action to run when an endpoint with the given name is loaded from configuration.

Bind to given IP address and port.

Bind to given IP endpoint.

Bind to given IP address and port.

Listens on ::1 and 127.0.0.1 with the given port. Requesting a dynamic port by specifying 0 is not supported for this type of endpoint.

Listens on all IPs using IPv6 [::], or IPv4 0.0.0.0 if IPv6 is not supported.

Bind to given Unix domain socket path.

Open a socket file descriptor.

Emits verbose logs for bytes read from and written to the connection.

The .

Emits verbose logs for bytes read from and written to the connection.

The .

Extension methods for that configure Kestrel to use HTTPS for a given endpoint.

Configure Kestrel to use HTTPS with the default certificate if available. This will throw if no default certificate is configured.

The to configure. The .