| title | author | description | ms.author | ms.custom | ms.date | uid |
|---|---|---|---|---|---|---|
What's new in ASP.NET Core 10.0 |
rick-anderson |
Learn about the new features in ASP.NET Core 10.0. |
riande |
mvc |
4/10/2025 |
aspnetcore-10 |
This article highlights the most significant changes in ASP.NET Core 10.0 with links to relevant documentation.
This article will be updated as new preview releases are made available. See the Asp.Net Core announcement page until this page is updated.
This section describes new features for Blazor.
This section describes new features for Blazor Hybrid.
This section describes new features for SignalR.
This section describes new features for minimal APIs.
This section describes new features for OpenAPI.
This section describes new features for authentication and authorization.
Metrics have been added for certain authentication and authorization events in ASP.NET Core. With this change, you can now obtain metrics for the following events:
- Authentication:
- Authenticated request duration
- Challenge count
- Forbid count
- Sign in count
- Sign out count
- Authorization:
- Count of requests requiring authorization
The following image shows an example of the Authenticated request duration metric in the Aspire dashboard:
For more information, see ASP.NET Core Authorization and Authentication metrics.
This section describes miscellaneous new features in ASP.NET Core 10.0.
Use the new RedirectHttpResult.IsLocalUrl(url) helper method to detect if a URL is local. A URL is considered local if the following are true:
- It doesn't have the host or authority section.
- It has an absolute path.
URLs using virtual paths "~/" are also local.
IsLocalUrl is useful for validating URLs before redirecting to them to prevent open redirection attacks.
if (RedirectHttpResult.IsLocalUrl(url))
{
return Results.LocalRedirect(url);
}Thank you @martincostello for this contribution!