/// <summary>
/// Decides whether the current request may proceed. Evidence is consulted in a fixed
/// order: a captcha cookie (when one was captured), then the risk cookie, and finally
/// the server-side risk API when the risk cookie is not usable.
/// </summary>
/// <param name="context">The HTTP context of the request being evaluated.</param>
/// <returns>
/// <c>false</c> only when a score check decides to block (or when
/// <c>CheckCaptchaCookie</c> returns <c>false</c>); <c>true</c> in every other case.
/// </returns>
/// <remarks>
/// The method fails open: a failure while collecting request information, or a risk
/// API result that is null, has no scores, or has a non-zero status, lets the request
/// through. Both block messages go through <c>Debug.WriteLine</c>, which is compiled
/// out of builds that do not define DEBUG, so block decisions leave no trace on this
/// path in such builds. The messages also contain the full request URL including the
/// query string.
/// </remarks>
private bool IsValidRequest(HttpContext context)
{
    // Fail open: if the request could not be inspected, it is allowed.
    if (!CollectRequestInformation(context))
    {
        return true;
    }

    // The captcha cookie is checked before the risk cookie; rawCaptchaCookie and vid
    // were filled in by CollectRequestInformation from the client-supplied cookie.
    if (!string.IsNullOrEmpty(rawCaptchaCookie))
    {
        return CheckCaptchaCookie(context);
    }

    RiskCookie riskCookie;
    var cookieVerdict = CheckValidCookie(context, out riskCookie);

    if (cookieVerdict != RiskRequestReasonEnum.NONE)
    {
        // No usable risk cookie: ask the risk API, passing along why the cookie was rejected.
        var apiResponse = CallRiskApi(context, cookieVerdict);

        // NOTE(review): Status == 0 presumably means a successful API call - confirm.
        // Any other outcome (including a null response) allows the request.
        var apiSaysBlock = apiResponse != null
            && apiResponse.Scores != null
            && apiResponse.Status == 0
            && IsBlockScores(apiResponse.Scores);
        if (!apiSaysBlock)
        {
            return true;
        }

        uuid = apiResponse.Uuid;
        blockReason = BlockReasonEnum.RISK_HIGH_SCORE;
        // Formatting stays inside the call so it is skipped together with Debug.WriteLine.
        Debug.WriteLine(string.Format("Request blocked by risk api UUID {0} - {1}", this.uuid, context.Request.Url.AbsoluteUri), LOG_CATEGORY);
        return false;
    }

    // The risk cookie was accepted: adopt its identifiers, then apply the score check.
    vid = riskCookie.Vid;
    uuid = riskCookie.Uuid;
    if (!IsBlockScores(riskCookie.Scores))
    {
        return true;
    }

    blockReason = BlockReasonEnum.COOKIE_HIGH_SCORE;
    Debug.WriteLine(string.Format("Request blocked by risk cookie UUID {0}, VID {1} - {2}", this.uuid, riskCookie.Vid, context.Request.Url.AbsoluteUri), LOG_CATEGORY);
    return false;
}
/// <summary>
/// Resets the per-request fields and captures the raw inputs used for validation:
/// the socket IP, the raw risk cookie and, when captcha support is enabled, the
/// two parts of the captcha cookie.
/// </summary>
/// <param name="context">The HTTP context of the request being inspected.</param>
/// <returns>
/// <c>true</c> when collection completed; <c>false</c> when any exception was thrown
/// (the exception is written with <c>Debug.WriteLine</c> and not rethrown).
/// </returns>
/// <remarks>
/// Everything captured here comes straight from the client and is not verified in
/// this method. In particular <c>vid</c> is set from the captcha cookie before any
/// validation has run.
/// </remarks>
private bool CollectRequestInformation(HttpContext context)
{
    try
    {
        // NOTE(review): the reset below runs after GetSocketIP, so if that call throws
        // the fields keep whatever values they held before - confirm that is acceptable.
        requestSocketIP = GetSocketIP(context);
        uuid = null;
        vid = null;
        blockReason = BlockReasonEnum.NONE;
        rawCaptchaCookie = null;

        // Capture the raw risk cookie value; null when the cookie is absent.
        var riskCookieEntry = context.Request.Cookies.Get(cookieName);
        if (riskCookieEntry == null)
        {
            rawRiskCookie = null;
        }
        else
        {
            rawRiskCookie = riskCookieEntry.Value;
        }

        if (!captchaEnabled)
        {
            return true;
        }

        var captchaEntry = context.Request.Cookies.Get(CAPTCHA_COOKIE_NAME);
        if (captchaEntry == null || string.IsNullOrEmpty(captchaEntry.Value))
        {
            return true;
        }

        // Split on the first ':' only, so the second part may itself contain ':'.
        var pieces = captchaEntry.Value.Split(new[] { ':' }, 2);
        if (pieces.Length != 2)
        {
            // No ':' separator: the cookie is ignored and left in place.
            return true;
        }

        rawCaptchaCookie = pieces[0];
        vid = pieces[1];

        // Ask the browser to drop the captcha cookie by re-issuing it already expired.
        // This does not stop a client from sending the same value again, so replay
        // protection has to come from the captcha validation itself.
        var removal = new HttpCookie(CAPTCHA_COOKIE_NAME);
        removal.Expires = DateTime.Now.AddDays(-1);
        context.Response.Cookies.Add(removal);

        return true;
    }
    catch (Exception ex)
    {
        // Every exception type is swallowed here; IsValidRequest treats the resulting
        // false as "allow", so a collection failure is fail-open. Debug.WriteLine is
        // compiled out of builds that do not define DEBUG, so the failure is silent there.
        Debug.WriteLine(string.Format("Exception during collecting request information {0} - {1}", ex.Message, context.Request.Url.AbsoluteUri), LOG_CATEGORY);
        return false;
    }
}