protected virtual byte[] OnPOST(WebSubmission values)
{
WebFile wfile = null;
WebPage outpage = null;
string retstring = "";
if (
this.AuthRequired &&
!this._auth_exempt_paths.Contains(values.RawUrl) &&
(null == values.GetCookieIn("auth_token") ||
!this.IsLoggedIn(null, values.GetCookieIn("auth_token").Value))
)
{
throw new WebRedirectException(this.AuthPageURL);
}
wfile = this._vfilesystem.GetFileByPath(values.RawUrl);
if (null == wfile)
{
throw new WebHTTPException(WebHTTPResponseCode.WEB_HTTP_404_NOT_FOUND, values.RawUrl);
}
else if (null != wfile.GetRootWebPage())
{
// This is a WebPage derived from WebComponent.
outpage = (WebPage)wfile.GetRootWebPage().ToCopy();
if (this._component_render_handlers.ContainsKey(values.RawUrl))
{
this._component_render_handlers[values.RawUrl](outpage, values);
}
// Adjust the fetched page with submission returns.
outpage.SubmitContainer(this, null, values);
retstring = outpage.Render(values);
}
else
{
// This is just a WebFile.
retstring = wfile.ToString();
}
// TODO: Return binary bytes if wfile is binary.
return(Encoding.UTF8.GetBytes(retstring));
}
public override void SubmitContainer(WebServer server, WebComponent source, WebSubmission values)
{
string proc_xsrf_key = String.Format("proc_xsrf_{0}", this.ID);
string proc_xsrf_cookie = values.GetCookieIn(proc_xsrf_key).Value;
string proc_xsrf_form = values.PostData[proc_xsrf_key][0];
if (!proc_xsrf_form.Equals(proc_xsrf_cookie))
{
throw new WebHTTPException(WebHTTPResponseCode.WEB_HTTP_403_ACCESS_DENIED, values.RawUrl);
}
else
{
this.SubmitChildren(server, source, values);
}
}
