1
0
mirror of https://git.teknik.io/Teknikode/Teknik.git synced 2023-08-02 14:16:22 +02:00

- Added better cache check for downloads.

- Fixed error redirects not forcing https
This commit is contained in:
Uncled1023 2017-04-18 00:57:30 -07:00
parent b0c98f2e8a
commit 7070128efb
4 changed files with 52 additions and 68 deletions

View File

@ -30,13 +30,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true; Response.TrySkipIisCustomErrors = true;
} }
string errorMessage = "General Exception"; LogError(LogLevel.Error, "General Exception", exception);
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
ErrorViewModel model = new ErrorViewModel(); ErrorViewModel model = new ErrorViewModel();
model.Exception = exception; model.Exception = exception;
@ -57,13 +51,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true; Response.TrySkipIisCustomErrors = true;
} }
string errorMessage = "General HTTP Exception"; LogError(LogLevel.Error, "General HTTP Exception", exception);
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
ErrorViewModel model = new ErrorViewModel(); ErrorViewModel model = new ErrorViewModel();
model.Description = exception.Message; model.Description = exception.Message;
@ -84,13 +72,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true; Response.TrySkipIisCustomErrors = true;
} }
string errorMessage = "Unauthorized"; LogError(LogLevel.Error, "Unauthorized", exception);
if (Request != null && Request.Url != null)
{
errorMessage += " for page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
ErrorViewModel model = new ErrorViewModel(); ErrorViewModel model = new ErrorViewModel();
model.Exception = exception; model.Exception = exception;
@ -110,13 +92,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true; Response.TrySkipIisCustomErrors = true;
} }
string errorMessage = "Access Denied"; LogError(LogLevel.Error, "Access Denied", exception);
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
ErrorViewModel model = new ErrorViewModel(); ErrorViewModel model = new ErrorViewModel();
model.Exception = exception; model.Exception = exception;
@ -136,24 +112,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true; Response.TrySkipIisCustomErrors = true;
} }
string errorMessage = "Page Not Found"; LogError(LogLevel.Warning, "Page Not Found", exception);
if (Request != null)
{
if (Request.Url != null)
{
errorMessage += " for page: " + Request.Url.AbsoluteUri;
}
if (Request.UrlReferrer != null)
{
errorMessage += " | for referred page: " + Request.Url.AbsoluteUri;
}
errorMessage += " | using Method: " + Request.HttpMethod;
}
Logger.WriteEntry(LogLevel.Warning, errorMessage, exception);
ErrorViewModel model = new ErrorViewModel(); ErrorViewModel model = new ErrorViewModel();
model.Exception = exception; model.Exception = exception;
@ -174,18 +133,34 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true; Response.TrySkipIisCustomErrors = true;
} }
string errorMessage = "Server Error"; LogError(LogLevel.Error, "Server Error", exception);
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
ErrorViewModel model = new ErrorViewModel(); ErrorViewModel model = new ErrorViewModel();
model.Exception = exception; model.Exception = exception;
return View("~/Areas/Error/Views/Error/Http500.cshtml", model); return View("~/Areas/Error/Views/Error/Http500.cshtml", model);
} }
private void LogError(LogLevel level, string message, Exception exception)
{
if (Request != null)
{
if (Request.Url != null)
{
message += " | Url: " + Request.Url.AbsoluteUri;
}
if (Request.UrlReferrer != null)
{
message += " | Referred Url: " + Request.Url.AbsoluteUri;
}
message += " | Method: " + Request.HttpMethod;
message += " | User Agent: " + Request.UserAgent;
}
Logger.WriteEntry(level, message, exception);
}
} }
} }

View File

@ -171,18 +171,28 @@ namespace Teknik.Areas.Upload.Controllers
} }
else // We have the key, so that means server side decryption else // We have the key, so that means server side decryption
{ {
// Are they downloading it by range? // Check for the cache
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges bool isCached = false;
string modifiedSince = Request.Headers["If-Modified-Since"];
bool isCached = !string.IsNullOrEmpty(Request.Headers["If-Modified-Since"]); // Check to see if they have a cache if (!string.IsNullOrEmpty(modifiedSince))
{
DateTime modTime = new DateTime();
bool parsed = DateTime.TryParse(modifiedSince, out modTime);
if (parsed)
{
if ((modTime - dateUploaded).TotalSeconds <= 1)
{
isCached = true;
}
}
}
if (isCached) if (isCached)
{ {
// The file is cached, let's just 304 this // The file is cached, let's just 304 this
Response.StatusCode = 304; Response.StatusCode = 304;
Response.StatusDescription = "Not Modified"; Response.StatusDescription = "Not Modified";
Response.AddHeader("Content-Length", "0"); return new EmptyResult();
return Content(string.Empty);
} }
else else
{ {
@ -194,6 +204,9 @@ namespace Teknik.Areas.Upload.Controllers
if (System.IO.File.Exists(filePath)) if (System.IO.File.Exists(filePath))
{ {
#region Range Calculation #region Range Calculation
// Are they downloading it by range?
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges
// check to see if we need to pass a specified range // check to see if we need to pass a specified range
if (byRange) if (byRange)
{ {
@ -274,7 +287,7 @@ namespace Teknik.Areas.Upload.Controllers
Response.AddHeader("Content-Disposition", cd.ToString()); Response.AddHeader("Content-Disposition", cd.ToString());
// Apply content security policy for downloads // Apply content security policy for downloads
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';"); Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'none'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");
// Read in the file // Read in the file
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read); FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);

View File

@ -55,7 +55,6 @@ namespace Teknik.Controllers
this.InvokeHttp404(HttpContext); this.InvokeHttp404(HttpContext);
} }
[HttpGet]
[AllowAnonymous] [AllowAnonymous]
public ActionResult InvokeHttp404(HttpContextBase httpContext) public ActionResult InvokeHttp404(HttpContextBase httpContext)
{ {
@ -73,7 +72,6 @@ namespace Teknik.Controllers
} }
// Get the Favicon // Get the Favicon
[HttpGet]
[AllowAnonymous] [AllowAnonymous]
public ActionResult Favicon() public ActionResult Favicon()
{ {
@ -83,7 +81,6 @@ namespace Teknik.Controllers
} }
// Get the Logo // Get the Logo
[HttpGet]
[AllowAnonymous] [AllowAnonymous]
public ActionResult Logo() public ActionResult Logo()
{ {
@ -93,7 +90,6 @@ namespace Teknik.Controllers
} }
// Get the Robots.txt // Get the Robots.txt
[HttpGet]
[AllowAnonymous] [AllowAnonymous]
public ActionResult Robots() public ActionResult Robots()
{ {
@ -102,7 +98,6 @@ namespace Teknik.Controllers
return File(file, "text/plain"); return File(file, "text/plain");
} }
[HttpGet]
[AllowAnonymous] [AllowAnonymous]
public ActionResult NotFound() public ActionResult NotFound()
{ {

View File

@ -159,6 +159,7 @@ namespace Teknik
routeData.DataTokens.Add("namespaces", new[] { typeof(ErrorController).Namespace }); routeData.DataTokens.Add("namespaces", new[] { typeof(ErrorController).Namespace });
routeData.DataTokens.Add("area", "Error"); routeData.DataTokens.Add("area", "Error");
routeData.Values.Add("controller", "Error"); routeData.Values.Add("controller", "Error");
routeData.Values.Add("scheme", "https");
if (httpException == null) if (httpException == null)
{ {