- Added better cache check for downloads.
- Fixed error redirects not forcing https
parent
b0c98f2e8a
commit
7070128efb
@ -30,13 +30,7 @@ namespace Teknik.Areas.Error.Controllers
|
||||
Response.TrySkipIisCustomErrors = true;
|
||||
}
|
||||
|
||||
string errorMessage = "General Exception";
|
||||
if (Request != null && Request.Url != null)
|
||||
{
|
||||
errorMessage += " on page: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
|
||||
LogError(LogLevel.Error, "General Exception", exception);
|
||||
|
||||
ErrorViewModel model = new ErrorViewModel();
|
||||
model.Exception = exception;
|
||||
@ -57,13 +51,7 @@ namespace Teknik.Areas.Error.Controllers
|
||||
Response.TrySkipIisCustomErrors = true;
|
||||
}
|
||||
|
||||
string errorMessage = "General HTTP Exception";
|
||||
if (Request != null && Request.Url != null)
|
||||
{
|
||||
errorMessage += " on page: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
|
||||
LogError(LogLevel.Error, "General HTTP Exception", exception);
|
||||
|
||||
ErrorViewModel model = new ErrorViewModel();
|
||||
model.Description = exception.Message;
|
||||
@ -84,13 +72,7 @@ namespace Teknik.Areas.Error.Controllers
|
||||
Response.TrySkipIisCustomErrors = true;
|
||||
}
|
||||
|
||||
string errorMessage = "Unauthorized";
|
||||
if (Request != null && Request.Url != null)
|
||||
{
|
||||
errorMessage += " for page: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
|
||||
LogError(LogLevel.Error, "Unauthorized", exception);
|
||||
|
||||
ErrorViewModel model = new ErrorViewModel();
|
||||
model.Exception = exception;
|
||||
@ -110,13 +92,7 @@ namespace Teknik.Areas.Error.Controllers
|
||||
Response.TrySkipIisCustomErrors = true;
|
||||
}
|
||||
|
||||
string errorMessage = "Access Denied";
|
||||
if (Request != null && Request.Url != null)
|
||||
{
|
||||
errorMessage += " on page: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
|
||||
LogError(LogLevel.Error, "Access Denied", exception);
|
||||
|
||||
ErrorViewModel model = new ErrorViewModel();
|
||||
model.Exception = exception;
|
||||
@ -136,24 +112,7 @@ namespace Teknik.Areas.Error.Controllers
|
||||
Response.TrySkipIisCustomErrors = true;
|
||||
}
|
||||
|
||||
string errorMessage = "Page Not Found";
|
||||
|
||||
if (Request != null)
|
||||
{
|
||||
if (Request.Url != null)
|
||||
{
|
||||
errorMessage += " for page: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
if (Request.UrlReferrer != null)
|
||||
{
|
||||
errorMessage += " | for referred page: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
errorMessage += " | using Method: " + Request.HttpMethod;
|
||||
}
|
||||
|
||||
Logger.WriteEntry(LogLevel.Warning, errorMessage, exception);
|
||||
LogError(LogLevel.Warning, "Page Not Found", exception);
|
||||
|
||||
ErrorViewModel model = new ErrorViewModel();
|
||||
model.Exception = exception;
|
||||
@ -174,18 +133,34 @@ namespace Teknik.Areas.Error.Controllers
|
||||
Response.TrySkipIisCustomErrors = true;
|
||||
}
|
||||
|
||||
string errorMessage = "Server Error";
|
||||
if (Request != null && Request.Url != null)
|
||||
{
|
||||
errorMessage += " on page: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
|
||||
LogError(LogLevel.Error, "Server Error", exception);
|
||||
|
||||
ErrorViewModel model = new ErrorViewModel();
|
||||
model.Exception = exception;
|
||||
|
||||
return View("~/Areas/Error/Views/Error/Http500.cshtml", model);
|
||||
}
|
||||
|
||||
private void LogError(LogLevel level, string message, Exception exception)
|
||||
{
|
||||
if (Request != null)
|
||||
{
|
||||
if (Request.Url != null)
|
||||
{
|
||||
message += " | Url: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
if (Request.UrlReferrer != null)
|
||||
{
|
||||
message += " | Referred Url: " + Request.Url.AbsoluteUri;
|
||||
}
|
||||
|
||||
message += " | Method: " + Request.HttpMethod;
|
||||
|
||||
message += " | User Agent: " + Request.UserAgent;
|
||||
}
|
||||
|
||||
Logger.WriteEntry(level, message, exception);
|
||||
}
|
||||
}
|
||||
}
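Review bot: In the new `LogError` helper the `Request.UrlReferrer != null` branch appends `Request.Url.AbsoluteUri`, so the referrer is never recorded and the line throws if `Request.Url` is null while a referrer is present; it should read `message += " | Referred Url: " + Request.UrlReferrer.AbsoluteUri;`. The helper also appends `Request.UserAgent`, which is client-controlled, using the same ` | ` delimiter as the other fields, so its content can imitate additional fields in the entry. Unless `Logger.WriteEntry` already escapes its message (not visible here), quote or length-cap the value and strip control characters before logging. A short `///` summary on `LogError` naming the request fields it appends would also help.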
|
@ -171,18 +171,28 @@ namespace Teknik.Areas.Upload.Controllers
|
||||
}
|
||||
else // We have the key, so that means server side decryption
|
||||
{
|
||||
// Are they downloading it by range?
|
||||
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges
|
||||
|
||||
bool isCached = !string.IsNullOrEmpty(Request.Headers["If-Modified-Since"]); // Check to see if they have a cache
|
||||
// Check for the cache
|
||||
bool isCached = false;
|
||||
string modifiedSince = Request.Headers["If-Modified-Since"];
|
||||
if (!string.IsNullOrEmpty(modifiedSince))
|
||||
{
|
||||
DateTime modTime = new DateTime();
|
||||
bool parsed = DateTime.TryParse(modifiedSince, out modTime);
|
||||
if (parsed)
|
||||
{
|
||||
if ((modTime - dateUploaded).TotalSeconds <= 1)
|
||||
{
|
||||
isCached = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (isCached)
|
||||
{
|
||||
// The file is cached, let's just 304 this
|
||||
Response.StatusCode = 304;
|
||||
Response.StatusDescription = "Not Modified";
|
||||
Response.AddHeader("Content-Length", "0");
|
||||
return Content(string.Empty);
|
||||
return new EmptyResult();
|
||||
}
|
||||
else
|
||||
{
|
||||
@ -194,6 +204,9 @@ namespace Teknik.Areas.Upload.Controllers
|
||||
if (System.IO.File.Exists(filePath))
|
||||
{
|
||||
#region Range Calculation
|
||||
// Are they downloading it by range?
|
||||
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges
|
||||
|
||||
// check to see if we need to pass a specified range
|
||||
if (byRange)
|
||||
{
|
||||
@ -274,7 +287,7 @@ namespace Teknik.Areas.Upload.Controllers
|
||||
Response.AddHeader("Content-Disposition", cd.ToString());
|
||||
|
||||
// Apply content security policy for downloads
|
||||
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");
|
||||
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'none'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");
|
||||
|
||||
// Read in the file
|
||||
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
|
||||
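Review bot: The new cache test `(modTime - dateUploaded).TotalSeconds <= 1` in the first hunk is satisfied by any `If-Modified-Since` value earlier than the upload time, so a client sending an old date gets a 304 with no body even though its copy predates the file. The check appears to need the opposite bound, e.g. `if ((dateUploaded - modTime).TotalSeconds < 1)`, which still allows for the header's one-second resolution. `DateTime.TryParse` without a culture or `DateTimeStyles` also converts the GMT header value to local time. Whether that matches `dateUploaded` is not visible here, so parsing with `CultureInfo.InvariantCulture` and `DateTimeStyles.AdjustToUniversal` and comparing in UTC would be safer. The enclosing action starts and ends outside these hunks.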
|
@ -55,7 +55,6 @@ namespace Teknik.Controllers
|
||||
this.InvokeHttp404(HttpContext);
|
||||
}
|
||||
|
||||
[HttpGet]
|
||||
[AllowAnonymous]
|
||||
public ActionResult InvokeHttp404(HttpContextBase httpContext)
|
||||
{
|
||||
@ -73,7 +72,6 @@ namespace Teknik.Controllers
|
||||
}
|
||||
|
||||
// Get the Favicon
|
||||
[HttpGet]
|
||||
[AllowAnonymous]
|
||||
public ActionResult Favicon()
|
||||
{
|
||||
@ -83,7 +81,6 @@ namespace Teknik.Controllers
|
||||
}
|
||||
|
||||
// Get the Logo
|
||||
[HttpGet]
|
||||
[AllowAnonymous]
|
||||
public ActionResult Logo()
|
||||
{
|
||||
@ -93,7 +90,6 @@ namespace Teknik.Controllers
|
||||
}
|
||||
|
||||
// Get the Robots.txt
|
||||
[HttpGet]
|
||||
[AllowAnonymous]
|
||||
public ActionResult Robots()
|
||||
{
|
||||
@ -102,7 +98,6 @@ namespace Teknik.Controllers
|
||||
return File(file, "text/plain");
|
||||
}
|
||||
|
||||
[HttpGet]
|
||||
[AllowAnonymous]
|
||||
public ActionResult NotFound()
|
||||
{
|
||||
|
@ -159,6 +159,7 @@ namespace Teknik
|
||||
routeData.DataTokens.Add("namespaces", new[] { typeof(ErrorController).Namespace });
|
||||
routeData.DataTokens.Add("area", "Error");
|
||||
routeData.Values.Add("controller", "Error");
|
||||
routeData.Values.Add("scheme", "https");
|
||||
|
||||
if (httpException == null)
|
||||
{
|
||||
|