Merging internal commits for release/9.0

Directory.Build.props

@@ -1,6 +1,8 @@
 <Project>
   <Import Project="eng\Common.props" />
-
+  <PropertyGroup>
+    <NuGetAudit>false</NuGetAudit>
+  </PropertyGroup>
   <PropertyGroup>
     <AccelerateBuildsInVisualStudio>true</AccelerateBuildsInVisualStudio>
   </PropertyGroup>

NuGet.config

@@ -6,8 +6,10 @@
     <!--  Begin: Package sources from dotnet-extensions -->
     <!--  End: Package sources from dotnet-extensions -->
     <!--  Begin: Package sources from dotnet-runtime -->
+    <add key="darc-int-dotnet-runtime-a1e6809" value="https://pkgs.dev.azure.com/dnceng/internal/_packaging/darc-int-dotnet-runtime-a1e6809f/nuget/v3/index.json" />
     <!--  End: Package sources from dotnet-runtime -->
     <!--  Begin: Package sources from dotnet-efcore -->
+    <add key="darc-int-dotnet-efcore-60c2e9b" value="https://pkgs.dev.azure.com/dnceng/internal/_packaging/darc-int-dotnet-efcore-60c2e9b8/nuget/v3/index.json" />
     <!--  End: Package sources from dotnet-efcore -->
     <!--End: Package sources managed by Dependency Flow automation. Do not edit the sources above.-->
     <add key="dotnet-eng" value="https://pkgs.dev.azure.com/dnceng/public/_packaging/dotnet-eng/nuget/v3/index.json" />
@@ -30,8 +32,10 @@
     <clear />
     <!--Begin: Package sources managed by Dependency Flow automation. Do not edit the sources below.-->
     <!--  Begin: Package sources from dotnet-efcore -->
+    <add key="darc-int-dotnet-efcore-60c2e9b" value="true" />
     <!--  End: Package sources from dotnet-efcore -->
     <!--  Begin: Package sources from dotnet-runtime -->
+    <add key="darc-int-dotnet-runtime-a1e6809" value="true" />
     <!--  End: Package sources from dotnet-runtime -->
     <!--End: Package sources managed by Dependency Flow automation. Do not edit the sources above.-->
   </disabledPackageSources>

src/Components/Endpoints/src/FormMapping/FormDataReader.cs

@@ -7,6 +7,7 @@
 using System.Globalization;
 using System.Runtime.CompilerServices;
 using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.Primitives;
 
 namespace Microsoft.AspNetCore.Components.Endpoints.FormMapping;
@@ -23,7 +24,6 @@ internal struct FormDataReader : IDisposable
     // As an implementation detail, reuse FormKey for the values.
     // It's just a thin wrapper over ReadOnlyMemory<char> that caches
     // the computed hash code.
-    private IReadOnlyDictionary<FormKey, HashSet<FormKey>>? _formDictionaryKeysByPrefix;
 
     private PrefixResolver _prefixResolver;
 
@@ -48,6 +48,8 @@ public FormDataReader(IReadOnlyDictionary<FormKey, StringValues> formCollection,
 
     public int MaxRecursionDepth { get; set; } = 64;
 
+    public int MaxCollectionSize { get; set; } = FormReader.DefaultValueCountLimit;
+
     public Action<string, FormattableString, string?>? ErrorHandler { get; set; }
 
     public Action<string, object>? AttachInstanceToErrorsHandler { get; set; }
@@ -107,61 +109,52 @@ public void AttachInstanceToErrors(object value)
 
     internal FormKeyCollection GetKeys()
     {
-        if (_formDictionaryKeysByPrefix == null)
-        {
-            _formDictionaryKeysByPrefix = ProcessFormKeys();
-        }
+        // Scan the input dictionary for keys matching the current prefix followed by a bracket segment.
+        // This avoids building a large upfront dictionary of all prefix→key mappings.
+        var prefix = _currentPrefixBuffer;
+        var result = new HashSet<FormKey>();
 
-        if (_formDictionaryKeysByPrefix.TryGetValue(new FormKey(_currentPrefixBuffer), out var foundKeys))
+        foreach (var kvp in _readOnlyMemoryKeys)
         {
-            return new FormKeyCollection(foundKeys);
-        }
+            var key = kvp.Key.Value;
 
-        return FormKeyCollection.Empty;
-    }
+            // The key must start with the current prefix (case-insensitive).
+            if (key.Length <= prefix.Length ||
+                !key.Span[..prefix.Length].Equals(prefix.Span, StringComparison.OrdinalIgnoreCase))
+            {
+                continue;
+            }
 
-    // Internal for testing purposes
-    internal IReadOnlyDictionary<FormKey, HashSet<FormKey>> ProcessFormKeys()
-    {
-        var keys = _readOnlyMemoryKeys.Keys;
-        var result = new Dictionary<FormKey, HashSet<FormKey>>();
-        // We need to iterate over all the keys in the dictionary and process each key to split it into segments where
-        // the prefixes are string separated by . and the keys are enclosed in []. For example if the key is
-        // Customer.Orders[<<OrderId>>]BillingInfo.FirstName, then we need to split it into Customer.Orders,
-        // [<<OrderId>>] and BillingInfo.FirstName. We then, need to group all the keys by the prefix. So, for the
-        // above example, we will have an entry for the prefix Customer.Orders that will include [<<OrderId>>] as the
-        // key.
-
-        foreach (var key in keys)
-        {
-            var startIndex = key.Value.Span.IndexOf('[');
-            while (startIndex >= 0)
+            // Immediately after the prefix, there must be a '['.
+            if (key.Span[prefix.Length] != '[')
+            {
+                continue;
+            }
+
+            // Find the closing ']' after the '['.
+            var remaining = key[prefix.Length..];
+            var closeIndex = remaining.Span[1..].IndexOf(']');
+            if (closeIndex == -1)
+            {
+                // Malformed key — no closing bracket. Skip it.
+                continue;
+            }
+
+            // Extract "[value]" (closeIndex is relative to position 1, so add 2 for the full segment).
+            var segment = remaining[..(closeIndex + 2)];
+            result.Add(new FormKey(segment));
+
+            // Allow one extra item through so collection/dictionary binding can still detect overflow
+            // and report the existing max-size error instead of silently truncating the input.
+            if (result.Count > MaxCollectionSize)
             {
-                var endIndex = key.Value.Span[startIndex..].IndexOf(']') + startIndex;
-                if (endIndex == -1)
-                {
-                    // Ignore malformed keys
-                    break;
-                }
-
-                var prefix = key.Value[..startIndex];
-                var keyValue = key.Value[startIndex..(endIndex + 1)];
-                if (result.TryGetValue(new FormKey(prefix), out var foundKeys))
-                {
-                    foundKeys.Add(new FormKey(keyValue));
-                }
-                else
-                {
-                    result.Add(new FormKey(prefix), new HashSet<FormKey> { new FormKey(keyValue) });
-                }
-
-                var nextOpenBracket = key.Value.Span[(endIndex + 1)..].IndexOf('[');
-
-                startIndex = nextOpenBracket != -1 ? endIndex + 1 + nextOpenBracket : -1;
+                break;
             }
         }
 
-        return result;
+        return result.Count > 0
+            ? new FormKeyCollection(result)
+            : FormKeyCollection.Empty;
     }
 
     // This only ever gets invoked if we have a recursive type.

src/Components/Endpoints/src/FormMapping/HttpContextFormValueMapper.cs

@@ -138,7 +138,8 @@ public override void Deserialize(
                     ErrorHandler = context.OnError,
                     AttachInstanceToErrorsHandler = context.MapErrorToContainer,
                     MaxRecursionDepth = options.MaxRecursionDepth,
-                    MaxErrorCount = options.MaxErrorCount
+                    MaxErrorCount = options.MaxErrorCount,
+                    MaxCollectionSize = options.MaxCollectionSize
                 };
 
                 reader.PushPrefix(context.ParameterName);