
- Added better cache check for downloads.

- Fixed error redirects not forcing https
tags/3.0.0
Teknikode 2 years ago
parent
commit
7070128efb

+ 29
- 54
Teknik/Areas/Error/Controllers/ErrorController.cs View File

@@ -30,13 +30,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}

string errorMessage = "General Exception";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}

Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "General Exception", exception);

ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@@ -57,13 +51,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}

string errorMessage = "General HTTP Exception";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}

Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "General HTTP Exception", exception);

ErrorViewModel model = new ErrorViewModel();
model.Description = exception.Message;
@@ -84,13 +72,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}

string errorMessage = "Unauthorized";
if (Request != null && Request.Url != null)
{
errorMessage += " for page: " + Request.Url.AbsoluteUri;
}

Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "Unauthorized", exception);

ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@@ -110,13 +92,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}

string errorMessage = "Access Denied";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}

Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "Access Denied", exception);

ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@@ -136,24 +112,7 @@ namespace Teknik.Areas.Error.Controllers
Response.TrySkipIisCustomErrors = true;
}

string errorMessage = "Page Not Found";

if (Request != null)
{
if (Request.Url != null)
{
errorMessage += " for page: " + Request.Url.AbsoluteUri;
}

if (Request.UrlReferrer != null)
{
errorMessage += " | for referred page: " + Request.Url.AbsoluteUri;
}

errorMessage += " | using Method: " + Request.HttpMethod;
}

Logger.WriteEntry(LogLevel.Warning, errorMessage, exception);
LogError(LogLevel.Warning, "Page Not Found", exception);

ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;
@@ -173,19 +132,35 @@ namespace Teknik.Areas.Error.Controllers
Response.StatusCode = 500;
Response.TrySkipIisCustomErrors = true;
}

string errorMessage = "Server Error";
if (Request != null && Request.Url != null)
{
errorMessage += " on page: " + Request.Url.AbsoluteUri;
}

Logger.WriteEntry(LogLevel.Error, errorMessage, exception);
LogError(LogLevel.Error, "Server Error", exception);

ErrorViewModel model = new ErrorViewModel();
model.Exception = exception;

return View("~/Areas/Error/Views/Error/Http500.cshtml", model);
}

private void LogError(LogLevel level, string message, Exception exception)
{
if (Request != null)
{
if (Request.Url != null)
{
message += " | Url: " + Request.Url.AbsoluteUri;
}

if (Request.UrlReferrer != null)
{
message += " | Referred Url: " + Request.Url.AbsoluteUri;
}
message += " | Method: " + Request.HttpMethod;

message += " | User Agent: " + Request.UserAgent;
}

Logger.WriteEntry(level, message, exception);
}
}
}
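Review bot: In the new `LogError` helper, the `Request.UrlReferrer != null` branch appends `Request.Url.AbsoluteUri`, so the log never records the referrer, and the line can throw if `Request.Url` is null while a referrer is present. It should read `message += " | Referred Url: " + Request.UrlReferrer.AbsoluteUri;`. The earlier inline code in the Page Not Found hunk has the same expression, so the mistake looks carried over rather than new. The helper also concatenates the URL, the referrer and `Request.UserAgent` into the entry unmodified; all three are client-supplied, so stripping CR/LF and capping their length before `Logger.WriteEntry` would stop a request from forging or bloating log lines (how `Logger` encodes entries is not visible here).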

+ 20
- 7
Teknik/Areas/Upload/Controllers/UploadController.cs View File

@@ -171,18 +171,28 @@ namespace Teknik.Areas.Upload.Controllers
}
else // We have the key, so that means server side decryption
{
// Are they downloading it by range?
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges
bool isCached = !string.IsNullOrEmpty(Request.Headers["If-Modified-Since"]); // Check to see if they have a cache
// Check for the cache
bool isCached = false;
string modifiedSince = Request.Headers["If-Modified-Since"];
if (!string.IsNullOrEmpty(modifiedSince))
{
DateTime modTime = new DateTime();
bool parsed = DateTime.TryParse(modifiedSince, out modTime);
if (parsed)
{
if ((modTime - dateUploaded).TotalSeconds <= 1)
{
isCached = true;
}
}
}

if (isCached)
{
// The file is cached, let's just 304 this
Response.StatusCode = 304;
Response.StatusDescription = "Not Modified";
Response.AddHeader("Content-Length", "0");
return Content(string.Empty);
return new EmptyResult();
}
else
{
@@ -194,6 +204,9 @@ namespace Teknik.Areas.Upload.Controllers
if (System.IO.File.Exists(filePath))
{
#region Range Calculation
// Are they downloading it by range?
bool byRange = !string.IsNullOrEmpty(Request.ServerVariables["HTTP_RANGE"]); // We do not support ranges

// check to see if we need to pass a specified range
if (byRange)
{
@@ -274,7 +287,7 @@ namespace Teknik.Areas.Upload.Controllers
Response.AddHeader("Content-Disposition", cd.ToString());

// Apply content security policy for downloads
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");
Response.AddHeader("Content-Security-Policy", "default-src 'none'; script-src 'none'; style-src 'self'; img-src 'self'; font-src 'self'; connect-src 'self'; media-src 'self'; child-src 'self'; form-action 'none';");

// Read in the file
FileStream fs = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
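Review bot: The new cache test `(modTime - dateUploaded).TotalSeconds <= 1` has its operands the wrong way round. It is true for every `If-Modified-Since` value older than the upload time, so a client sending a stale or arbitrary date gets a 304, while a date later than the upload falls through to a full download. A resource is unmodified when its timestamp is not newer than the header, i.e. `if ((dateUploaded - modTime).TotalSeconds < 1)`, where the one-second allowance covers HTTP dates having no sub-second part. `DateTime.TryParse(modifiedSince, out modTime)` also parses with the current culture and converts to local time; `DateTime.TryParse(modifiedSince, CultureInfo.InvariantCulture, DateTimeStyles.AdjustToUniversal, out modTime)` keeps the comparison in UTC, assuming `dateUploaded` is stored as UTC (it is defined outside the hunk).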

+ 2
- 7
Teknik/Controllers/DefaultController.cs View File

@@ -54,8 +54,7 @@ namespace Teknik.Controllers
{
this.InvokeHttp404(HttpContext);
}

[HttpGet]
[AllowAnonymous]
public ActionResult InvokeHttp404(HttpContextBase httpContext)
{
@@ -73,7 +72,6 @@ namespace Teknik.Controllers
}

// Get the Favicon
[HttpGet]
[AllowAnonymous]
public ActionResult Favicon()
{
@@ -83,7 +81,6 @@ namespace Teknik.Controllers
}

// Get the Logo
[HttpGet]
[AllowAnonymous]
public ActionResult Logo()
{
@@ -93,7 +90,6 @@ namespace Teknik.Controllers
}

// Get the Robots.txt
[HttpGet]
[AllowAnonymous]
public ActionResult Robots()
{
@@ -101,8 +97,7 @@ namespace Teknik.Controllers
string file = Server.MapPath(Constants.ROBOTS_PATH);
return File(file, "text/plain");
}

[HttpGet]
[AllowAnonymous]
public ActionResult NotFound()
{
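Review bot: As far as the rendered hunks show, `[HttpGet]` is dropped from `Favicon`, `Logo` and `Robots` as well as from `InvokeHttp404` and `NotFound`, so these `[AllowAnonymous]` actions now answer every HTTP verb. Presumably only the error actions need that, so that redirected non-GET requests still reach them. The static-file actions could keep a restriction such as `[AcceptVerbs(HttpVerbs.Get | HttpVerbs.Head)]`. The bodies of these actions lie mostly outside the hunks, so this concerns the attributes only.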

+ 1
- 0
Teknik/Global.asax.cs View File

@@ -159,6 +159,7 @@ namespace Teknik
routeData.DataTokens.Add("namespaces", new[] { typeof(ErrorController).Namespace });
routeData.DataTokens.Add("area", "Error");
routeData.Values.Add("controller", "Error");
routeData.Values.Add("scheme", "https");

if (httpException == null)
{
