- Washington Post
- Sourdough Crumpets
- Cookies And Consent In ASP .NET Core 3.1 | Wake Up And Code!
- Cookietins.com
- I Baked The Viral #PanBangingCookies, And I'm Never Going Back
- Httpclient 3.1 Cookie
This is the third of a new series of posts on ASP .NET Core 3.1 for 2020. In this series, we’ll cover 26 topics over a span of 26 weeks from January through June 2020, titled ASP .NET Core A-Z! To differentiate from the 2019 series, the 2020 series will mostly focus on a growing single codebase (NetLearner!) instead of new unrelated code snippets week.
- Heat oven to 350°F. Cut logs into 1/4-inch slices. Place 2 inches apart onto ungreased cookie sheets. Bake 10-14 minutes or until edges are lightly browned.
- Cookie scoops are among my most recommended baking tools. I have several in different sizes, and they get used quite frequently. For those of you unfamiliar with cookie scoops, they are spring-loaded scoops that help you scoop and measure batters and dough.
Previous post:
NetLearner on GitHub:
- Repository: https://github.com/shahedc/NetLearnerApp
- v0.3-alpha release: https://github.com/shahedc/NetLearnerApp/releases/tag/v0.3-alpha
In this article, we’ll continue to look at the (in-progress) NetLearner application, which was generated using multiple ASP .NET Core web app project (3.1) templates. In previous releases, the template made it very easy for you to store cookies and display a cookie policy. However, the latest version doesn’t include cookie usage or a GDPR-compliant message out of the box.
Unless you’ve been living under a rock in the past couple of years, you’ve no doubt noticed all the GDPR-related emails and website popups since 2018. Whether or not you’re required by law to disclose your cookie policies, it’s good practice to reveal it to the end user so that they can choose to accept your cookies (or not).
In ASP .NET Core 2.x, the standard web app project templates provided by Microsoft included GDPR-friendly popup messages, that could be accepted by the end user to set a consent cookie. As of ASP .NET Core 3.x, this is no longer provided out of the box. However, you can still add this feature back into your project manually if needed.
Follow the instructions provided in the official docs to add this feature to your ASP .NET MVC or Razor Pages project:
C is for Cookies and Consent In this article, we’ll continue to look at the (in-progress) NetLearner application, which was generated using multiple ASP.NET Core web app project (3.1) templates. In previous releases, the template made it very easy for you to store cookies and display a cookie policy. Cut into assorted shapes using 3-inch cookie cutters. Place on foil-covered baking sheets. Sprinkle each cookie with 1 tsp. Crushed ring-shaped hard candies. Press gently into dough. Bake as directed. Makes about 3-1/2 doz. Or 21 servings, two cookies each. Choco-Orange Cookies: Add 1 Tbsp. Grated orange peel to dough. Shape into two 8x1-1/2. Once a cookie is created, the cookie is the single source of identity. If a user account is disabled in back-end systems: The app's cookie authentication system continues to process requests based on the authentication cookie. The user remains signed into the app as long as the authentication cookie is valid.
- GDPR Support in ASP .NET Core: https://docs.microsoft.com/en-us/aspnet/core/security/gdpr?view=aspnetcore-3.1
Washington Post
But wait… how about Blazor web app projects? After asking a few other developers on Twitter, I decided to implement this feature myself, in my NetLearner repository. I even had the opportunity to answer a related question on Stack Overflow. Take a look at the following Blazor web project:
- NetLearner.Blazor: https://github.com/shahedc/NetLearnerApp/tree/main/src/NetLearner.Blazor
As you probably know, cookies are attached to a specific browser installation and can be deleted by a user at an any time. Some new developers may not be aware of where these cookies are actually stored.
Click F12 in your browser to view the Developer Tools to see cookies grouped by website/domain.
- In (pre-Chromum) Edge/Firefox, expand Cookies under the Storage tab.
- In (Chromium-based) Edge/Chrome, expand Storage | Cookies under the Application tab .
See screenshots below for a couple of examples how AspNet.Consent in stored, along with a boolean Yes/No value:
The first time you launch a new template-generated ASP .NET Core 2.x web app, you should expect to see a cookie popup that appears on every page that can be dismissed by clicking Accept. Since we added it manually in our 3.x project, let’s explore the code to dig in a little further.
First, take a look at the _CookieConsentPartial.cshtml partial view in both the Razor Pages shared pages folder and the MVC shared views folder. The CSS class names and accessibility-friendly role attributes have been removed for brevity in the snippet below. For Razor Pages (in this example), this file should be in the /Pages/Shared/ folder by default. For MVC, this file should be in the /Views/Shared/ folder by default.
This partial view has a combination of server-side C# code and client-side HTML/CSS/JavaScript code. First, let’s examine the C# code at the very top:
- The using statement at the top mentions the Microsoft.AspNetCore.Http.Features namespace, which is necessary to use ITrackingConsentFeature.
- The local variable consentFeature is used to get an instance ITrackingConsentFeature (or null if not present).
- The local variable showBanner is used to store the boolean result from the property consentFeature.CanTrack to check whether the user has consented or not.
- The local variable cookieString is used to store the “cookie string” value of the created cookie after a quick call to consentFeature.CreateConsentCookie().
- The @if block that follows only gets executed if showBanner is set to true.
Sourdough Crumpets
Next, let’s examine the HTML that follows:
- The cookieConsent <div> is used to store and display a customized message for the end user.
- This <div> also displays an Accept <button> that dismisses the popup.
- The data-dismiss attribute ensures that the modal popup is closed when you click on it. This feature is available because we are using Bootstrap in our project.
- The data- attribute for “data-cookie-string” is set using the server-side variable value for @cookieString.
The full value for cookieString may look something like this, beginning with the .AspNet.Consent boolean value, followed by an expiration date.
Finally, let’s examine the JavaScript that follows within a <script> tag:
- Within the <script> tag, an anonymous function is defined and invoked immediately, by ending it with (); after it’s defined.
- A button variable is defined to represent the HTML button, by using an appropriate querySelector to retrieve it from the DOM.
- An eventListener is added to respond to the button’s onclick event.
- If accepted, a new cookie is created using the button’s aforementioned cookieString value.
To use the partial view in your application, simply insert it into the _Layout.cshtml page defined among both the Razor Pages shared pages folder and the MVC shared views folder. The partial view can be inserted above the call to RenderBody() as shown below.
In an MVC application, the partial view can be inserted the same way, using the <partial> tag helper.
Here are the steps I used in the Blazor project, tracked in the BlazorCookieExperiment branch:
- Update ConfigureServices() in Startup.cs to set up cookie usage
- Use JSInterop to set document.cookie in netLearnerJSInterop.js
- Update _Host.cshtml to include the .js file
- Observe code in _CookieConsentPartial.cshtml as reference
- Add _CookieConsentPartial.razor component in Shared folder
- Update MainLayout.razor to include above component
You may have noticed that there is only an Accept option in the default cookie popup generated by the template’s Partial View. This ensures that the only way to store a cookie with the user’s consent is to click Accept in the popup.
You may be wondering whether you should also display a Decline option in the cookie popup. But that would be a bad idea, because that would require you to store the user’s “No” response in the cookie itself, thus going against their wishes. If you wish to allow the user to withdraw consent at a later time, take a look at the GrantConsent() and WithdrawConsent() methods provided by ITrackingConsentFeature.
But you can still change the message in the cookie popup and your website’s privacy policy. To change the cookie’s displayed message, simply change the text that appears in the _CookieConsentPartial.cshtml partial view (or equivalent Razor component for ther Blazor project), within the <div> of the client-side HTML. In the excerpt shown in the previous section, this region is identified by the <!– CUSTOMIZED MESSAGE IN COOKIE POPUP –> placeholder comment.
Your message text is also a great place to provide a link to your website’s privacy policy. In the Razor Pages template, the <a> link is generated using a tag helper shown below. The /Privacy path points to the Privacy.cshtml Razor page in the /Pages folder.
In a similar MVC application, you would find the Privacy.cshtml view within the /Views/Home/ folder, accessible via the Home controller’s Privacy() action method. In the MVC template, the <a> is link is generated using the following tag helper:
None of the above would be possible without the necessary configuration. The cookie policy can be used by simply calling the extension method app.UseCookiePolicy() in the Configure() method of your Startup.cs file, in the root location of Razor Pages, MVC and Blazor projects.
According to the official documentation, this “Adds the Microsoft.AspNetCore.CookiePolicy.CookiePolicyMiddleware handler to the specified Microsoft.AspNetCore.Builder.IApplicationBuilder, which enables cookie policy capabilities.”
The cool thing about ASP .NET Core middleware is that there are many IApplicationBuilder extension methods for the necessary Middleware components you may need to use. Instead of hunting down each Middleware component, you can simply type app.Use in the Configure() method to discover what is available for you to use.
If you remove the call to app.UseCookiePolicy(), this will cause the aforementioned consentFeature value to be set to null in the C# code of your cookie popup.
There is also some minimal configuration that happens in the ConfigureServices() method which is called before the Configure() method in your Startup.cs file.
The above code does a couple of things:
- As explained by the comment, the lambda (context => true) “determines whether user consent for non-essential cookies is needed for a given request” and then the CheckConsentNeeded boolean property for the options object is set to true or false.
- The property MinimumSameSitePolicy is set to SameSiteMode.None, which is an enumerator with the following possible values:
- Unspecified = -1
- None = 0
- Lax = 1
- Strict = 2
From the official documentation on cookie authentication, “ The Cookie Policy Middleware setting for MinimumSameSitePolicy
can affect the setting of Cookie.SameSite
in CookieAuthenticationOptions
settings. For more information, check out the documentation at:
- Cookie Authentication: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-3.1
- SameSiteMode Enum: https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.http.samesitemode?view=aspnetcore-3.1
Cookies And Consent In ASP .NET Core 3.1 | Wake Up And Code!
- General Data Protection Regulation (GDPR) support in ASP.NET Core: https://docs.microsoft.com/en-us/aspnet/core/security/gdpr?view=aspnetcore-3.1
- Use cookie authentication without ASP.NET Core Identity: https://docs.microsoft.com/en-us/aspnet/core/security/authentication/cookie?view=aspnetcore-3.1
- ITrackingConsentFeature Interface (Microsoft.AspNetCore.Http.Features): https://docs.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.http.features.itrackingconsentfeature?view=aspnetcore-3.1
- HTMLElement.dataset: https://developer.mozilla.org/en-US/docs/Web/API/HTMLElement/dataset
- Using the alert role: https://developer.mozilla.org/en-US/docs/Web/Accessibility/ARIA/ARIA_Techniques/Using_the_alert_role
- HTML DOM querySelector() Method: https://www.w3schools.com/jsref/met_document_queryselector.asp
I took my go-to cookie dough recipe and perfected it to make 3 of my very favorite cookies: Chewy Chocolate Chunk, White Chocolate Chip Macadamia, and Triple Chocolate Chip Chocolate Cookies!
Starting the week off in the best way possible. With a massive post all about cookies. Discussing 3 oh so different cookies that have a common denominator – one amazing cookie dough recipe.
I set out to perfect one of our family chocolate chip cookie recipes that pretty much everyone makes over and over again and knows by heart. It actually happens to be one of the first recipes I ever posted on the blog. Over the years I have stumbled upon and created many cookie recipes (all of which I love, of course). But since this recipe is so special to us and is usually only used for chocolate chip cookies, I really wanted to show its versatility by using it as a base recipe to make the cookies you see here.
So technically, our cookie dough recipe can be transformed into 4 different scrumptious cookies. Mind blown. I always knew there was a reason why we all love it so much.
I also want to mention that the base recipe is absolutely lovely and makes the most amazing chocolate chip cookies. But I do always end up tweaking the recipe ingredients a bit just because of the things I’ve learned and tried over the years. The original post can be found HERE. You don’t have to change a thing, but I’m going to be honest and let you know that my updated version of an old classic always gets the most compliments. No matter which recipe you go for, you can’t go wrong though.
Without further ado, let’s jump right in and let me tell you exactly what I did.
One of the most important things to me when it comes to cookies is chewiness. I live for super chewy cookies and am not a big fan of crunchy ones. There’s definitely a time and place for crispy cookies and a tall glass of milk, but 9 out of 10 times I am all about soft, chewy, and tender cookies.
The first change I made was in the flour department. Since bread flour has a higher gluten content than all-purpose flour, it really helps with developing chewiness. I opted to go half and half and I’ve seen the best and noticeable change when using that ratio.
I also decided to use more brown than granulated sugar. Since molasses is added to white sugar to create brown sugar, it not only adds flavor but also extra moisture, which helps with extra chewiness.
Last but not least, I only used unsalted butter in the recipes. The original recipe calls for a combination of butter and shortening, but I rarely have shortening on hand. It’s one of those ingredients I almost never buy and opted to go for all butter out of necessity. In addition to that, I decided to melt the butter and am pretty sure I’ll never go back. Out of all the changes I made, I believe that melting the butter was the most important one in achieving ultra chewy cookies. There’s something about the ratio of melted butter, dry ingredients, and the addition of a good amount of chocolate chunks/chips that can’t be beat.
You’ll notice that while each recipe is very similar, they’re all a little bit different. I told you in the beginning of the post that I tried to perfect the recipe/recipes and I was not kidding. Every single one has been tweaked, taste-tested, and made multiple times to ensure the perfect outcome every time.
The Triple Chocolate Chip Chocolate Cookie recipe has been changed the most and took the longest time to get just right. But I couldn’t be more excited about it. They’re so good!
My hope is that you’ll find this post most helpful and love having every cookie recipe you could need in one spot. I know I will be pulling up this post time and time again to make them since it will take some time till I memorize every change to every recipe. I am sure it won’t be too long before I have it all down though. A day doesn’t go by that we don’t have a cookie in our cookie jar ♥️.
Hope you enjoy these recipes!
- 2 sticks (1 cup) unsalted butter, melted
- 1 1/2 cups light brown sugar
- 1/2 cup granulated sugar
- 3 large eggs
- 2 teaspoons vanilla extract
- 1 teaspoon salt
- 1/2 teaspoon baking soda
- 1/2 teaspoon baking powder
- 1 1/2 cups all-purpose flour
- 1 1/2 cups bread flour
- 1 1/2 cups chocolate chunks
- Preheat your oven to 350 degrees F. Line a baking sheet with parchment paper.
- 1.In the bowl of your stand mixer, combine melted butter, sugars, eggs and vanilla. Mix until smooth, about 2-3 minutes. Add salt, baking soda, and baking powder. Mix another minute or until incorporated.
- 2.With your mixer set to its slowest setting, add 1 1/2 cups all-purpose flour. Mix until combined with the wet mixture. Add the remaining 1 1/2 cups of bread flour and stir until incorporated. Remove bowl from the mixer and using a spatula, add chocolate chunks.
- 3.Using a large cookie scoop, place cookie dough balls onto the prepared baking sheet and put in the oven. Bake for 14-16 minutes or until the edges start to brown and cookies appear to be set. Let cool for a couple of minutes before transferring to wire racks to cool completely. Repeat with remaining cookie dough.
Cookietins.com
- 2 sticks (1 cup) unsalted butter, melted
- 1 cup light brown sugar
- 1 cup granulated sugar
- 3 large eggs
- 2 teaspoons vanilla extract
- 1 teaspoon salt
- 1/2 teaspoon baking soda
- 1/2 teaspoon baking powder
- 1 1/2 cups all-purpose flour
- 1 1/2 cups bread flour
- 1 cup white chocolate chips
- 1/2 cup unsalted macadamia nuts, roughly chopped
- Preheat your oven to 350 degrees F. Line a baking sheet with parchment paper.
- 2.In the bowl of your stand mixer, combine melted butter, sugars, eggs & egg yolk and vanilla. Mix until smooth, about 2-3 minutes. Add salt, baking soda, and baking powder. Mix another minute or until incorporated.
- 3.With your mixer set to its slowest setting, add 1 1/2 cups all-purpose flour. Mix until combined with the wet mixture. Add the remaining 1 1/2 cups of bread flour and stir until incorporated. Remove bowl from the mixer and using a spatula, add white chocolate chips and macadamia nuts.
- 4.Using a large cookie scoop, place cookie dough balls onto the prepared baking sheet and put in the oven. Bake for 14-16 minutes or until the edges start to brown and cookies appear to be set. Let cool for a couple of minutes before transferring to wire racks to cool completely. Repeat with remaining cookie dough.
I Baked The Viral #PanBangingCookies, And I'm Never Going Back
- 1/2 cup (1 stick) unsalted butter
- 4 ounces dark chocolate, roughly chopped
- 1 cup light brown sugar
- 1/2 cup granulated sugar
- 2 large eggs
- 1 teaspoon vanilla extract
- 1/2 teaspoon salt
- 1/2 teaspoon baking soda
- 1 cup all-purpose flour
- 1/2 unsweetened cocoa powder
- Preheat oven to 325 degrees F. Line a baking sheet with parchment paper.
- 1. In a heatproof bowl, combine butter and chopped dark chocolate. Place in the microwave and heat in 30 second intervals until completely melted. Pour mixture into the bowl of your stand mixer and let cool for 2-3 minutes.
- 2. Add sugars and mix until combined. Add eggs and vanilla and cream together. Next, mix in salt and baking soda until incorporated. Add flour and cocoa powder and mix until fully combined. Remove bowl from the mixer and fold in white chocolate chips, milk chocolate chips and semisweet chocolate chips.
- 3. Using a regular cookie scoop, place cookie dough balls onto prepared baking sheet and put in the oven. Bake cookies for 14 minutes. Let cool on the baking sheet for 5 minutes before transferring to wire racks to cool completely. Repeat with remaining dough.
Comments are closed.