Microsoft.AspNetCore.Localization "Deprecated" CookieRequestCultureProvider Alternatives?

[thabaum]

A Blazor Client WASM Project (Not Server) it has a dependency on a few "obsolete" packages I would like to either remove for what should be used in place of them or at least remove the "obsolete" package warnings. I am not sure these packages are considered "mature" and "secure" as I am being lead to believe and want to be sure this is in fact the case.

Microsoft.AspNetCore.Localization
Microsoft.AspNetCore.Http
Micrsosoft.Net.Http.Headers

These three packages in particular.

https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.localization.cookierequestcultureprovider?view=aspnetcore-8.0

What is recommended for alternative to using CookieRequestCultureProvider and IHttpContextAccessor and 'http" in a blazor-wasm project in order to remove the dependency on the deprecated package Microsoft.AspNetCore.Localization ?

Thank you!

[martincostello]

The API isn't deprecated, but the 2.2.0 NuGet package is because ASP.NET Core 2.2 is out of support and since .NET Core 3.0 the API is part of the ASP.NET Core Shared Framework.

You just need to use a framework reference instead of a package reference.

[thabaum]

@martincostello you are partially correct here. Issue is from doing more research is this is a solution for "Server" projects only and wont work in the "WASM" Client project which is where these references reside.

After doing a lot of reading and research I noticed it said add these in the server project. I will try to do this to tests out that project but the Client project is what needed access to the following for this project

Microsoft.AspNetCore.Localization
Microsoft.AspNetCore.Http
Micrsosoft.Net.Http.Headers

Those are the three other "Obsolete" packages that Microsoft.AspNetCore.Localization adds when you include it as a package dependency that the project is using.

Below is an issue created with no solution for an answer.
https://stackoverflow.com/questions/76173982/migrating-the-deprecated-microsoft-aspnetcore-http-abstractions-nuget-package

Issue I have is all of these "obsolete" packages maybe introducing security issues to projects that use them. Am I correct to think this since they are no longer supported by Microsoft?

So there needs to be a path away, and maybe it is to remake the logic by hand these handle? I am just looking for a definitive answer to start working on a path towards a solution to remove anything considered "Obsolete".

[thabaum]

@martincostello thank you for the reply! I will give it a go. I will mark this as answer since it looks like the information I was trying to find.

Cheers!

[thabaum]

@martincostello thanks for the attempt but did not resolve my issue. This is a .NET 7/8 Blazor application. When I remove the Microsoft.AspNetCore.Localization package and just use a package reference, I get a bunch of errors still.

These are the errors when the package is removed:

<Project Sdk="Microsoft.NET.Sdk.BlazorWebAssembly">

<TargetFramework>net8.0</TargetFramework>

Adding the following:

  <ItemGroup>
    <FrameworkReference Include="Microsoft.AspNetCore.App" />
  </ItemGroup>

  <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Localization" Version="2.2.0" />
  </ItemGroup>

If I install the package the errors no longer exist so I don't think this approach works in latest versions of .NET or I am doing something wrong.

I was just trying to remove this "Obsolete" package from the list of packages installed.

When I remove this package the project loses access to the following namespaces and functionality:

Microsoft.AspNetCore.Http -> IHttpConextAccessor, 
Microsoft.AspNetCore.Localization -> CookieRequestCultureProvider
Microsoft.Net.Http.Headers -> HeaderNames

"There was no runtime pack for Microsoft.AspNetCore.App available for the specified RuntimeIdentifier 'browser-wasm'"

So now I can see there are a couple other packages that are also obsolete that this project is using.

So I added those package references and removed the Microsoft.AspNetCore.App package reference and

  <ItemGroup>
    <PackageReference Include="Microsoft.AspNetCore.Localization" Version="2.2.0" />
    <PackageReference Include="Microsoft.AspNetCore.Http" Version="2.2.2" />
    <PackageReference Include="Microsoft.Net.Http.Headers" Version="2.2.8" />
  </ItemGroup>

Got the following list of errors:

So directly referencing these packages inside a client project at least does not give this Blazor application access to these packages.

Is there something I am missing?

If I add a project reference, it installs the package, which when you look at nuget packages manager then shows these obsolete packages as being installed.

I guess the solution I am after is more one that does not include any obsolete packages in the project or solution. I am looking for what solutions replace these packages if that makes sense in a Blazor Wasm project.

Adding a package reference is the same thing as installing the package dependency

Looks like there are 3 obsolete packages that are being used in the project. The goal is to have a solution to remove these if possible, or is it best just to leave them? Since not supported I am not sure if checked for vulnerabilities anymore.

Thanks for trying. Any other suggestions?