1
0
mirror of https://git.teknik.io/Teknikode/Teknik.git synced 2023-08-02 14:16:22 +02:00

- Added better cache check for downloads.

- Fixed error redirects not forcing https
This commit is contained in:
Uncled1023 2017-04-18 00:57:30 -07:00
parent b0c98f2e8a
commit 7070128efb
4 changed files with 52 additions and 68 deletions

View File

@ -30,13 +30,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}
string errorMessage = "General Exception";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "General Exception", exception);
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@ -57,13 +51,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}
string errorMessage = "General HTTP Exception";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "General HTTP Exception", exception);
ErrorViewModel model = new ErrorViewModel();
model.Description = exception.Message;
@ -84,13 +72,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}
string errorMessage = "Unauthorized";
if (Request != null && Request.Url != null)
{
errorMessage += " for page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "Unauthorized", exception);
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@ -110,13 +92,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}
string errorMessage = "Access Denied";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "Access Denied", exception);
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@ -136,24 +112,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}
string errorMessage = "Page Not Found";
if (Request != null)
{
if (Request.Url != null)
{
errorMessage += " for page: " + Request.Url.AbsoluteUri;
}
if (Request.UrlReferrer != null)
{
errorMessage += " | for referred page: " + Request.Url.AbsoluteUri;
}
errorMessage += " | using Method: " + Request.HttpMethod;
}
Logger.WriteEntry(LogLevel.Warning, errorMessage, exception);
LogError(LogLevel.Warning, "Page Not Found", exception);
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@ -174,18 +133,34 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}
string errorMessage = "Server Error";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}
Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "Server Error", exception);
ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
return View("~/Areas/Error/Views/Error/Http500.cshtml", model);
}
private void LogError(LogLevel level, string message, Exception exception)
{
if (Request != null)
{
if (Request.Url != null)
{
message += " | Url: " + Request.Url.AbsoluteUri;
}
if (Request.UrlReferrer != null)
{
message += " | Referred Url: " + Request.Url.AbsoluteUri;
}
message += " | Method: " + Request.HttpMethod;
message += " | User Agent: " + Request.UserAgent;
}
Logger.WriteEntry(level, message, exception);
}
}
}

View File

@ -171,18 +171,28 @@ namespace Teknik.Areas.Upload.Controllers
}
else // We have the key, so that means server side decryption
{
// Are they downloading it by range?
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges
bool isCached = !string.IsNullOrEmpty(Request.Headers["If-Modified-Since"]); // Check to see if they have a cache
// Check for the cache
bool isCached = false;
string modifiedSince = Request.Headers["If-Modified-Since"];
if (!string.IsNullOrEmpty(modifiedSince))
{
DateTime modTime = new DateTime();
bool parsed = DateTime.TryParse(modifiedSince, out modTime);
if (parsed)
{
if ((modTime - dateUploaded).TotalSeconds <= 1)
{
isCached = true;
}
}
}
if (isCached)
{
// The file is cached, let's just 304 this
Response.StatusCode = 304;
Response.StatusDescription = "Not Modified";
Response.AddHeader("Content-Length", "0");
return Content(string.Empty);
return new EmptyResult();
}
else
{
@ -194,6 +204,9 @@ namespace Teknik.Areas.Upload.Controllers
if (System.IO.File.Exists(filePath))
{
#region Range Calculation
// Are they downloading it by range?
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges
// check to see if we need to pass a specified range
if (byRange)
{
@ -274,7 +287,7 @@ namespace Teknik.Areas.Upload.Controllers
Response.AddHeader("Content-Disposition", cd.ToString());
// Apply content security policy for downloads
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'none'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");
// Read in the file
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);

View File

@ -55,7 +55,6 @@ namespace Teknik.Controllers
this.InvokeHttp404(HttpContext);
}
[HttpGet]
[AllowAnonymous]
public ActionResult InvokeHttp404(HttpContextBase httpContext)
{
@ -73,7 +72,6 @@ namespace Teknik.Controllers
}
// Get the Favicon
[HttpGet]
[AllowAnonymous]
public ActionResult Favicon()
{
@ -83,7 +81,6 @@ namespace Teknik.Controllers
}
// Get the Logo
[HttpGet]
[AllowAnonymous]
public ActionResult Logo()
{
@ -93,7 +90,6 @@ namespace Teknik.Controllers
}
// Get the Robots.txt
[HttpGet]
[AllowAnonymous]
public ActionResult Robots()
{
@ -102,7 +98,6 @@ namespace Teknik.Controllers
return File(file, "text/plain");
}
[HttpGet]
[AllowAnonymous]
public ActionResult NotFound()
{

View File

@ -159,6 +159,7 @@ namespace Teknik
routeData.DataTokens.Add("namespaces", new[] { typeof(ErrorController).Namespace });
routeData.DataTokens.Add("area", "Error");
routeData.Values.Add("controller", "Error");
routeData.Values.Add("scheme", "https");
if (httpException == null)
{