ASP.NET Core API Standards

CRITICAL DIRECTIVE

ONLY implement what is explicitly requested. Do NOT add unrequested features like:

• CORS configuration (unless asked for)
• Swagger/OpenAPI setup (unless asked for)
• Authentication/Authorization (unless asked for)
• Rate limiting, caching, compression (unless asked for)
• Additional middleware (unless asked for)

When user requests ONE thing (e.g., "create an exception filter"), implement ONLY that thing.

Core Controller Rules (ALWAYS Apply)