protected override async Task ProcessAsync(HttpContext context, bool useMinification, bool useCompression) { HttpResponse response = context.Response; IFeatureCollection features = context.Features; Stream originalStream = response.Body; IHttpBufferingFeature originalBufferFeature = features.Get <IHttpBufferingFeature>(); var bodyWrapperStream = new BodyWrapperStreamWithBufferingFeature(context, originalStream, _options, useMinification ? _minificationManagers : new List <IMarkupMinificationManager>(), useCompression ? _compressionManager : null, originalBufferFeature); response.Body = bodyWrapperStream; features.Set <IHttpBufferingFeature>(bodyWrapperStream); try { await _next(context); await bodyWrapperStream.FinishAsync(); } finally { bodyWrapperStream.Dispose(); response.Body = originalStream; features.Set(originalBufferFeature); } }
/// <summary> /// Constructs an instance of the stream wrapper with HTTP buffering feature /// </summary> /// <param name="context">HTTP context</param> /// <param name="originalStream">Original stream</param> /// <param name="options">WebMarkupMin configuration</param> /// <param name="minificationManagers">List of markup minification managers</param> /// <param name="compressionManager">HTTP compression manager</param> /// <param name="bufferingFeature">HTTP buffering feature</param> internal BodyWrapperStreamWithBufferingFeature(HttpContext context, Stream originalStream, WebMarkupMinOptions options, IList <IMarkupMinificationManager> minificationManagers, IHttpCompressionManager compressionManager, IHttpBufferingFeature bufferingFeature) : base(context, originalStream, options, minificationManagers, compressionManager) { _bufferingFeature = bufferingFeature; }
public async Task Invoke(HttpContext context) { if (context.Request.Headers["Accept"] == "text/event-stream") { var t = Task.Delay(-1); IHttpBufferingFeature bufferingFeature = context.Features.Get <IHttpBufferingFeature>(); if (bufferingFeature != null) { bufferingFeature.DisableResponseBuffering(); } context.Response.ContentType = "text/event-stream"; context.Response.Headers.Add("Access-Control-Allow-Origin", "*"); context.Response.Body.Flush(); while (!context.RequestAborted.WaitHandle.GetSafeWaitHandle().IsClosed) { string data = "id: 123456\nevent: message\ndata:now time: " + DateTime.Now + "\n\n"; await context.Response.WriteAsync(data); Thread.Sleep(2000); } } else { } }
private void DisableResponseBuffering(HttpContext context) { IHttpBufferingFeature bufferingFeature = context.Features.Get <IHttpBufferingFeature>(); if (bufferingFeature != null) { bufferingFeature.DisableResponseBuffering(); } }
public void DisableResponseBuffering() { IHttpBufferingFeature bufferingFeature = currentResponse.Features.Get <IHttpBufferingFeature>(); if (bufferingFeature != null) { bufferingFeature.DisableResponseBuffering(); } }
internal BodyWrapperStream(HttpContext context, Stream bodyOriginalStream, IResponseCompressionProvider provider, IHttpBufferingFeature innerBufferFeature, IHttpSendFileFeature innerSendFileFeature) { _context = context; _bodyOriginalStream = bodyOriginalStream; _provider = provider; _innerBufferFeature = innerBufferFeature; _innerSendFileFeature = innerSendFileFeature; }
internal BodyWrapperStream(HttpContext context, Stream bodyOriginalStream, IProxyStreamProvider provider, IHttpBufferingFeature innerBufferFeature, IHttpSendFileFeature innerSendFileFeature) { _context = context; _bodyOriginalStream = bodyOriginalStream; _provider = provider; _innerBufferFeature = innerBufferFeature; _innerSendFileFeature = innerSendFileFeature; EnableFlush = false; }
/// <summary> /// Constructs an instance of the stream wrapper /// </summary> /// <param name="context">HTTP context</param> /// <param name="originalStream">Original stream</param> /// <param name="options">WebMarkupMin configuration</param> /// <param name="minificationManagers">List of markup minification managers</param> /// <param name="compressionManager">HTTP compression manager</param> /// <param name="bufferingFeature">HTTP buffering feature</param> internal BodyWrapperStream(HttpContext context, Stream originalStream, WebMarkupMinOptions options, IList <IMarkupMinificationManager> minificationManagers, IHttpCompressionManager compressionManager, IHttpBufferingFeature bufferingFeature) { _context = context; _originalStream = originalStream; _options = options; _minificationManagers = minificationManagers; _compressionManager = compressionManager; _bufferingFeature = bufferingFeature; }
private void DisableResponseBuffering(HttpContext context) { #if !NETCOREAPP2_1 && !NET461 IHttpResponseBodyFeature responseBodyFeature = context.Features.Get <IHttpResponseBodyFeature>(); if (responseBodyFeature != null) { responseBodyFeature.DisableBuffering(); } #else IHttpBufferingFeature bufferingFeature = context.Features.Get <IHttpBufferingFeature>(); if (bufferingFeature != null) { bufferingFeature.DisableResponseBuffering(); } #endif }
public async Task Invoke(HttpContext context) { bool useMinification = _options.IsMinificationEnabled() && _minificationManagers.Count > 0; bool useCompression = _options.IsCompressionEnabled() && _compressionManager != null; if (!useMinification && !useCompression) { await _next.Invoke(context); return; } else { HttpResponse response = context.Response; IFeatureCollection features = context.Features; Stream originalStream = response.Body; IHttpBufferingFeature originalBufferFeature = features.Get <IHttpBufferingFeature>(); BodyWrapperStream bodyWrapperStream = new BodyWrapperStream(context, originalStream, _options, useMinification ? _minificationManagers : new List <IMarkupMinificationManager>(), useCompression ? _compressionManager : null, originalBufferFeature); response.Body = bodyWrapperStream; features.Set <IHttpBufferingFeature>(bodyWrapperStream); try { await _next(context); await bodyWrapperStream.Finish(); } finally { #if NETCOREAPP3_0 await bodyWrapperStream.DisposeAsync(); #else bodyWrapperStream.Dispose(); #endif response.Body = originalStream; features.Set(originalBufferFeature); } } }
public void Configure(IApplicationBuilder app, IHostingEnvironment env) { using (var scope = app.ApplicationServices.GetRequiredService <IServiceScopeFactory>().CreateScope()) { scope.ServiceProvider.GetService <ApplicationDbContext>().Database.Migrate(); } var pipeline = new AggregatedFilterPipeline(); app .UseForwardedHeaders(new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto, KnownNetworks = { new IPNetwork(new IPAddress(new byte[] { 127, 0, 0, 1 }), 32) } }) .Use(async(context, next) => { var flareContext = new FlaggableFlareContext(new FlareContext() { request = new FlareRequest() { date = DateTimeOffset.Now, http_version = (int)(double.Parse(context.Request.Protocol.Substring(5)) * 10), identity = "-", ip = context.Connection.RemoteIpAddress.ToString(), method = context.Request.Method, path = context.Request.Path.Value, query_string = context.Request.QueryString.Value, userid = "-" }, response = null }); var domain = context.Request.Headers["host"]; // Flare CDN logic if (domain != "localhost:5000" && domain != "api.flare.wtf") { var db = context.RequestServices.GetRequiredService <ApplicationDbContext>(); var server = await db.servers .Where(a => a.proxy_active && a.domains.Any(b => b.domain == domain)) .FirstOrDefaultAsync(); if (server == null) { context.Response.StatusCode = 404; await context.Response.WriteAsync("The requested resource is not found. That's all we know."); return; } var ip = await context.RequestServices.GetRequiredService <GeoIpService>() .Query(flareContext.Context.request.ip); var db_request = new request { server_id = server.id, ip_id = ip.id, request_identity = flareContext.Context.request.identity, request_user_id = flareContext.Context.request.userid, request_date = flareContext.Context.request.date, request_method = flareContext.Context.request.method, request_path = flareContext.Context.request.path, request_query_string = flareContext.Context.request.query_string, request_http_version = flareContext.Context.request.http_version, // response_code = flareContext.Context.response?.status_code, // response_length = flareContext.Context.response?.bytes_sent, // flags = flareContext.Flags }; db.requests.Add(db_request); if (await pipeline.ProcessRequest(flareContext) && server.proxy_block_requests) { await db.SaveChangesAsync(); db_request.response_code = 418; db_request.flags = flareContext.Flags; await db.SaveChangesAsync(); var text = $"418 - I am a teapot. Your request #{db_request.id} is failed because of security checks. Contact the website owner with this number if you think this was a mistake."; db_request.response_length = text.Length; context.Response.StatusCode = 418; await context.Response.WriteAsync(text); return; } db_request.flags = flareContext.Flags; using (var httpClient = new HttpClient()) { httpClient.DefaultRequestHeaders.Clear(); foreach (var header in context.Request.Headers .Where(a => !a.Key.StartsWith("X-"))) { httpClient.DefaultRequestHeaders.Add(header.Key, header.Value.ToArray()); } httpClient.DefaultRequestHeaders.Add("X-Forwarded-For", context.Connection.RemoteIpAddress.ToString()); using (var _req = new HttpRequestMessage( context.Request.Method == "GET" ? HttpMethod.Get : context.Request.Method == "POST" ? HttpMethod.Post : context.Request.Method == "DELETE" ? HttpMethod.Delete : context.Request.Method == "PUT" ? HttpMethod.Put : context.Request.Method == "PATCH" ? HttpMethod.Patch : context.Request.Method == "TRACE" ? HttpMethod.Trace : context.Request.Method == "OPTIONS" ? HttpMethod.Options : throw new Exception("invalid method") , $"http://{server.origin_ip}{context.Request.Path}{context.Request.QueryString}")) { _req.Headers.Host = domain; using (var response = await httpClient.SendAsync(_req)) { db_request.response_code = context.Response.StatusCode = (int)response.StatusCode; foreach (var header in response.Headers .Where(a => a.Key != "Transfer-Encoding")) { context.Response.Headers.Add(header.Key, new StringValues(header.Value.ToArray())); } foreach (var header in response.Content.Headers) { context.Response.Headers.Add(header.Key, new StringValues(header.Value.ToArray())); } using (var streamWithProgess = new StreamWithProgress(context.Response.Body)) { await response.Content.CopyToAsync(streamWithProgess); await context.Response.Body.FlushAsync(); context.Response.Body.Close(); db_request.response_length = (int)streamWithProgess.bytesTotal; await db.SaveChangesAsync(); } } } } } else { if (await pipeline.ProcessRequest(flareContext)) { var text = $"418 - I am a teapot. Your request is failed because of security checks. If you think it was a mistake contact [email protected]"; context.Response.StatusCode = 418; await context.Response.WriteAsync(text); return; } await next(); } }) .UseCors(policy => policy.SetPreflightMaxAge(TimeSpan.FromMinutes(10)).AllowAnyMethod().AllowAnyOrigin().AllowAnyHeader()) .UseStaticFiles(new StaticFileOptions { FileProvider = new PhysicalFileProvider(Path.Combine(Directory.GetCurrentDirectory(), "../uploads")), RequestPath = new PathString("/uploads") }) .Use(async(context, next) => { IHttpBufferingFeature bufferingFeature = context.Features.Get <IHttpBufferingFeature>(); bufferingFeature?.DisableRequestBuffering(); bufferingFeature?.DisableResponseBuffering(); try { await next(); } catch (Exception e) { context.Response.StatusCode = e is NotImplementedException ? 404 : e is UnauthorizedAccessException || e is SecurityTokenValidationException ? 401 : e is ArgumentException ? 400 : 500; context.Response.ContentType = "application/json; charset=utf-8"; string message = ""; Exception x = e; do { message += x.Message + "\r\n\r\n"; } while ((x = x.InnerException) != null); await context.Response.WriteAsync(JsonConvert.SerializeObject(new { code = -1, message = message.Substring(0, message.Length - 4), stacktrace = e.StackTrace })); } }) .Use(async(context, next) => { Token token = null; string strToken = context.Request.Query["token"]; if (strToken == null) { string authorization = context.Request.Headers["Authorization"]; if (authorization != null) { if (authorization.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase)) { strToken = authorization.Substring("Bearer ".Length).Trim(); } else if (authorization.StartsWith("Basic ")) { var encoding = Encoding.UTF8.GetString(Convert.FromBase64String(authorization.Substring("Basic ".Length))).Split(':'); if (encoding.Length != 2) { throw new UnauthorizedAccessException(); } var username = encoding[0]; var password = encoding[1]; token = await personal_token_cache.GetAsync(username + ":" + password, async() => { var db = context.RequestServices.GetRequiredService <ApplicationDbContext>(); var _code = AccountController.StringToByteArrayFastest(username); var id = new Guid(_code.ToArray()); var app2 = await db.pacs .Include(a => a.user) .SingleOrDefaultAsync(b => b.id == id); if (app2 == null || app2.password_hash == null || !app2.password_hash.SequenceEqual( KeyDerivation.Pbkdf2( password: password, salt: app2.password_salt, iterationCount: 10000, numBytesRequested: 256 / 8, prf: KeyDerivationPrf.HMACSHA1 ) )) { throw new UnauthorizedAccessException(); } return(await token_cache.GetAsync(app2.user.id.ToString(), () => Task.FromResult <Token>(new UserToken(app2.user.id, app2.user.name, app2.user.type)), TimeSpan.FromDays(3))); }, TimeSpan.FromDays(3)); } } } if (strToken != null) { var a = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler(); var claims = a.ValidateToken(strToken, new TokenValidationParameters { ValidateAudience = true, ValidIssuer = "Flare", ValidAudience = "Flare Users", IssuerSigningKey = _key }, out SecurityToken _); context.User = claims; var strID = context.User?.Claims?.FirstOrDefault(b => b.Type == "user_id")?.Value; if (Int32.TryParse(strID, out int dwID)) { token = await token_cache.GetAsync(strID, async() => { var db = context.RequestServices.GetRequiredService <ApplicationDbContext>(); var app2 = await db.users.SingleAsync(b => b.id == dwID); return(new UserToken(app2.id, app2.name, app2.type)); }, TimeSpan.FromDays(3)); } } context.AddScoped(() => { if (token == null) { throw new UnauthorizedAccessException(); } return(token); }); await next(); }) .UseMvc(); }
internal HttpBufferingFeature(BufferingWriteStream buffer, IHttpBufferingFeature innerFeature) { _buffer = buffer; _innerFeature = innerFeature; }