Core Code
Core Code Modern Dev Handbook
DOTNET Contents
Foundations (Hosting, DI, Config)
Hosting Model & Kestrel Reality DI Lifetimes (This Will Leak/Break) Options Pattern & Config Binding Env Config & Secrets (Don't Bake) Logging Basics with ILogger Health Checks: Readiness vs Liveness Graceful Shutdown Basics
Web Services Basics (ASP.NET Core)
Controllers vs Minimal APIs (Tradeoffs in Prod) Middleware Pipeline Order (Bugs You Deserve) Routing Basics (Endpoints That Bite) Endpoint Filters Basics Request/Response Streaming (Backpressure Matters) Static Files (Security Foot-guns) Shutdown Draining (Don't Drop In-Flight)
Routing, Binding & Validation
Model Binding Gotchas Validation with FluentValidation (Basics) Input Validation: What to Validate Where File Upload Basics & Hardening Querystring Filtering & Limits Multipart Size Limits (Stop Zip Bombs)
Errors & Problem Details (RFC 7807)
Exception Handling Middleware (Correctly) Problem Details (RFC 7807) Done Right Validation Errors as Problem Details Error Codes & API Contracts Global JSON Settings (Safe Defaults) 404 vs Validation (Client UX & Semantics)
Authentication & Authorization
Cookie vs Bearer Auth (Don't Mix Blindly) JWT Validation Basics (What Actually Matters) JWT Key Rotation & kid Handling AuthZ Policies, Roles, Claims Resource-Based Authorization ASP.NET Identity: When to Use It mTLS Client Certs (Basics)
Security Basics (Production)
CORS Misconfigurations (Real Impact) Security Headers (Baseline) CSRF: SameSite vs Token Defenses XSS: Output Encoding & HTML Safety Deserialization Hardening SSRF & Egress Controls Rate Limiting Basics (Server-Side) Request Size Limits (Abuse Prevention) Secrets Management for .NET Apps Dependency Vulnerability Scanning
Data Access (EF Core in Prod)
DbContext Lifetime & Pooling (Prod-Safe) Migrations Safe Rollout (No Downtime) Transactions & Isolation Levels N+1 Detection & Fix Query Performance & Index Reality Optimistic Concurrency Tokens Outbox Pattern (Basics) Soft Delete & Global Query Filters Connection Resiliency (Retries Without Lies)
HTTP Clients & Integrations
HttpClientFactory: Pooling & DNS Reality Timeouts & Deadlines (Stop Hanging Threads) Retries & Backoff Policies (When It's Okay) Circuit Breakers (Basics That Matter) Idempotency Keys for Outbound Calls Headers/Auth Forwarding (Don't Leak) HTTP/2 and HTTP/3 Considerations
Reliability Patterns
Timeouts & CancellationTokens (Correct Wiring) Retries: When NOT To (Thundering Herd) Idempotency for APIs (You Need This) Server-Side Rate Limiting (Fairness & Abuse) Bulkheads & Concurrency Limits Backpressure in Streaming (Don't OOM) Graceful Degradation & Fallbacks Saga & Compensation (Basics)
Background Jobs & Hosting
HostedService Basics (The Safe Way) Background Queue with Channels Cron Scheduling: Hangfire vs Built-in Worker Service Deploy Patterns Message Consumers & Idempotency Shutdown: Cancellation & Job Draining
Observability (Logs, Metrics, Traces)
Structured Logging with Serilog Correlation IDs & Trace Context OpenTelemetry Tracing (ASP.NET Core) OpenTelemetry Metrics (SLI-first) Health Checks Deep Dive (Readiness Done Right) Log PII Redaction (Don't Get Sued) Alerting & SLO Basics (Actionable Only) Debugging in Prod (Dumps, Traces)
Performance & Tuning
ThreadPool Starvation (Symptoms & Fix) Async Pitfalls (Deadlocks, Fire-and-Forget) Allocations & GC (What Actually Hurts) Kestrel Tuning & Limits JSON Serialization Performance EF Core Perf Hotspots (How to See Them) Caching: Response/Output Strategies
Testing & Quality Gates
Unit Testing with xUnit (Basics) Integration Tests with WebApplicationFactory Contract Tests (Basics) Mocking HTTP and Time Safely Testcontainers Basics (Real Dependencies) Coverage & Quality Gates (No Theatre) Load Testing with k6 (Basics)
Build, Release & Deploy
Build/Publish, Trimming, AOT (Basics) Dockerizing ASP.NET Core (Production) Config & Secrets in Deploy (No Baking) Blue/Green & Canary (Basics) Migrations & Deploy Order (Avoid Locking) Rollbacks vs Forward-Fix (When Each Wins) Versioning & SemVer (APIs Included) CI/CD Basics (Build, Test, Scan, Ship)
Production Runbooks
Incident Triage Playbook (First 15 Minutes) Dependency Outage Playbook (Third-Party Down) DB Latency Playbook (EF Core Included) Memory Leak Playbook (OOM Hunting) CPU Saturation Playbook (Hot Paths) Timeout Storm Playbook (Cascading Failure) Deploy Failure Playbook (Rollback Safely) Production Readiness Checklist

Backpressure in Streaming (Don't OOM)

Backpressure is how you avoid buffering yourself into an OOM. If your service streams data or processes queues, you must control how fast producers can push and how slow consumers can pull. Otherwise memory becomes your queue.
On this page

Production incident

A file download endpoint streams large content from an upstream storage service. Someone reads the full response into memory and then writes it to the client. Under a few concurrent downloads, memory spikes and pods get OOMKilled. Another incident: a background consumer reads from a message queue as fast as possible and buffers work in memory while the downstream DB is slow. Memory becomes an unbounded queue. Backpressure was missing.

Symptoms

  • Memory grows with concurrency. OOMKills appear during spikes.
  • GC time increases; throughput drops.
  • Latency increases for all requests because the process is under memory pressure.
  • Streaming endpoints buffer large payloads unexpectedly.

Root causes

  • Reading full content into memory (ReadAsStringAsync/ReadAsByteArrayAsync) for large responses.
  • Unbounded in-memory queues in background processing.
  • No bounded channel / no flow control between producer and consumer.

Diagnosis

# Look for buffering calls
grep -R "ReadAsByteArrayAsync\|ReadAsStringAsync" -n .
grep -R "ToList\(" -n . | head -n 50

# Look for in-memory queues
grep -R "ConcurrentQueue\|BlockingCollection\|List<" -n .

Anti-pattern

// Buffers entire file in memory: OOM waiting to happen
var bytes = await resp.Content.ReadAsByteArrayAsync(ct);
return File(bytes, "application/octet-stream");

Correct pattern

Stream with ResponseHeadersRead and CopyToAsync. For background pipelines, use bounded channels and respect cancellation.

// Streaming download without buffering
var resp = await _http.SendAsync(req, HttpCompletionOption.ResponseHeadersRead, ct);
resp.EnsureSuccessStatusCode();

await using var stream = await resp.Content.ReadAsStreamAsync(ct);
Response.ContentType = "application/octet-stream";
await stream.CopyToAsync(Response.Body, ct);

// Bounded channel for producer/consumer backpressure
var channel = Channel.CreateBounded<WorkItem>(new BoundedChannelOptions(capacity: 500)
{
    FullMode = BoundedChannelFullMode.Wait
});

// Producer writes: will block when full (backpressure)
await channel.Writer.WriteAsync(item, ct);

// Consumer reads: controls throughput
await foreach (var work in channel.Reader.ReadAllAsync(ct))
{
    await ProcessAsync(work, ct);
}

Backpressure design rules

  • Bound everything: queues, buffers, concurrency.
  • Prefer streaming: do not materialize large payloads unless you must.
  • Use time budgets: if the consumer is slow, you either shed load or slow the producer.
  • Expose signals: queue length, channel fullness, drop/reject counts.

Security and performance impact

  • Performance: prevents memory blowups and stabilizes throughput.
  • Security: unbounded buffering is an easy DOS vector. Attackers can request large payloads and starve memory.

Operational notes

  • Monitoring: memory, GC time, queue lengths, dropped/rejected work, streaming response sizes.
  • Rollout: switch buffering endpoints to streaming with canary. Validate content integrity and client behavior.
  • Rollback: if clients require buffering for specific features, keep it behind a limited, authenticated path with strict size limits.

Checklist

  • No large payload buffering on hot paths.
  • Streaming uses ResponseHeadersRead and CopyToAsync.
  • Background pipelines use bounded channels or bounded queues.
  • Queue length and memory pressure are monitored.
  • Size limits exist to prevent abusive payloads.
Graceful Degradation & Fallbacks →