protected virtual string GetRequestInfoJavaScript(string webScreenKey, string webScreenName)
{
var info = AppInfo.GetAppInfo();
using (var writer = new StringWriter()) {
writer.Write(" <script id=\"_OSrequestInfoScript\" type=\"text/javascript\">(function(global) { ");
writer.Write("global.outsystems = global.outsystems || {};");
writer.Write("global.outsystems.internal = global.outsystems.internal || {};");
if (Settings.GetBool(Settings.Configs.JavascriptAPI_ShowHiddenFields))
{
writer.Write("global.outsystems.internal.showHiddenFields = true;");
}
writer.Write("global.outsystems.internal.requestInfo = {");
// #564602 OSVisit and OSVisitor cookies allow HTML injection -check if cookies' value was modified
writer.Write("visitorKey:'{0}',", GuidUtils.IsGuid(info.VisitorId) ? info.VisitorId : "");
writer.Write("visitKey:'{0}',", GuidUtils.IsGuid(info.VisitId) ? info.VisitId : "");
writer.Write("sessionKey:'{0}',", info.OsContext.Session.SessionIDHash);
writer.Write("userKey:'{0}',", info.OsContext.Session.UserIdGuid);
var perfTracer = info.OsContext.RequestTracer;
bool perfTracerExists = perfTracer != null;
writer.Write("requestKey:'{0}',", (perfTracerExists) ? perfTracer.RequestKey : "");
writer.Write("webScreenKey:'{0}',", ObjectKeyUtils.DatabaseValue(ObjectKey.Parse(webScreenKey)));
writer.Write("webScreenName:'{0}',", webScreenName);
writer.Write("espaceKey:'{0}',", (perfTracerExists) ? perfTracer.ModuleKey : info.eSpaceUID);
writer.Write("espaceName:'{0}',", (perfTracerExists) ? perfTracer.ModuleName : info.eSpaceName);
writer.Write("applicationKey:'{0}',", (perfTracerExists) ? perfTracer.ApplicationKey : info.ApplicationUID);
writer.Write("applicationName:'{0}',", (perfTracerExists) ? perfTracer.ApplicationName : info.ApplicationName);
writer.Write("tenantKey:'{0}',", (perfTracerExists) ? perfTracer.TenantKey : info.Tenant.Id_Guid);
writer.Write("tenantName:'{0}',", (perfTracerExists) ? perfTracer.TenantName : info.Tenant.Name);
writer.Write("environmentKey:'{0}',", (perfTracerExists) ? perfTracer.EnvironmentKey : info.EnvironmentKey);
writer.Write("environmentName:'{0}',", (perfTracerExists) ? perfTracer.EnvironmentName : info.EnvironmentName);
if (Settings.GetBool(Settings.Configs.JavascriptAPI_ShowHiddenFields))
{
writer.Write("username:'******',", info.OsContext.Session.UserName);
writer.Write("frontendName:'{0}',", (perfTracerExists) ? perfTracer.FrontEndName : info.FrontendName);
}
// #664816 - When the host serial on OSSYS_SERVER is different from the one in the windows registry the FrontendName will not be read from the DB.
// We do a null check here to prevent this not vital information from stopping the application load.
string value = null;
if (perfTracerExists)
{
value = string.IsNullOrEmpty(perfTracer.FrontEndName) ? "" :
SecureConfidentialInformationEncryption.EncryptWithAlgorithm(perfTracer.FrontEndName, SecureConfidentialInformationEncryption.FixedKeyAES128.Instance);
}
else
{
value = string.IsNullOrEmpty(info.FrontendName) ? "" :
SecureConfidentialInformationEncryption.EncryptWithAlgorithm(info.FrontendName, SecureConfidentialInformationEncryption.FixedKeyAES128.Instance);
}
writer.Write("frontendKey:'{0}'", value);
writer.Write("}");
writer.Write("})(this);");
writer.Write("</script>\n");
return(writer.ToString());
}
}
public static string DecryptStringForUpgrade(string text)
{
if (text != null)
{
try {
return(SecureConfidentialInformationEncryption.DecryptForUpgrade(text));
} catch (Exception e) {
//probably not encrypted
OSTrace.Error("Decrypting for upgrade", e);
}
}
return(text);
}
public static void SetFor(IRuntimeDatabaseConfiguration conf, DatabaseSettingsSerialization.Source source, DatabaseSettingsSerialization.User user, Action <string, string> setter)
{
var prefix = DatabaseConfigurations.SettingPrefix + "." + source + "." + user + ".";
setter(prefix + DatabaseConfigurations.ProviderKeyName, conf.ProviderKey().Serialize());
var wrapper = new MetaDatabaseConfiguration(conf);
foreach (var param in wrapper.PersistableParameters)
{
setter(prefix + param.Name,
param.Encrypt? SecureConfidentialInformationEncryption.EncryptMaintainingCompatibility(param.Get()): param.Get());
}
}
internal static void Fill(object conf, Dictionary <string, object> @params)
{
var meta = new MetaDatabaseConfiguration(conf);
foreach (var p in @params)
{
var setter = meta.GetParameter(p.Key);
if (setter != null)
{
object value = p.Value;
string strValue = (value == null)? null: value.ToString();
setter.Set(setter.Encrypt ? SecureConfidentialInformationEncryption.TryDecryptString(strValue) : strValue);
}
}
}
public static string EncryptMaintainingCompatibility(string text)
{
return(SecureConfidentialInformationEncryption.EncryptMaintainingCompatibility(text));
}
public static void ClearSettingsEncryptionKeyCaches()
{
SecureConfidentialInformationEncryption.ClearEncryptionKeyCaches();
}
public static string Encrypt(string password, Version targetServerVersion)
{
return(ENCRYPTED_SYMMETRIC_PREFIX
+ SecureConfidentialInformationEncryption.EncryptWithAlgorithm(password, SecureConfidentialInformationEncryption.FixedKeyAES128.Instance));
}
