/// <summary>
/// Picks the context id for this request: the id carried in the existing cookie when that
/// cookie decrypts and its browser stamp equals the stamp of a freshly computed id,
/// otherwise the freshly computed id.
/// </summary>
/// <param name="request">Incoming request; supplies the HTTP context and the cookie collection.</param>
/// <param name="config">Supplies <c>CookieName</c> and the cookie passphrase <c>PassPhraseB</c>.</param>
/// <param name="encryption">Used to decrypt the cookie value.</param>
/// <returns>The decrypted cookie id when it is accepted, else the freshly computed id.</returns>
private static string GetContextId(HttpRequestBase request, CapttiaSection config, Encryption encryption)
{
    var freshId = AnonymousIdentifier.GetContextId(request.RequestContext.HttpContext);

    // No cookie, or a blank one: nothing to reuse.
    var priorCookie = request.Cookies[config.CookieName];
    if (priorCookie == null)
    {
        return freshId;
    }

    var encryptedId = priorCookie.Value;
    if (string.IsNullOrWhiteSpace(encryptedId))
    {
        return freshId;
    }

    try
    {
        var priorId = encryption.Decrypt(encryptedId, config.PassPhraseB);
        var priorStamp = AnonymousIdentifier.GetBrowserStampFromId(priorId);
        var freshStamp = AnonymousIdentifier.GetBrowserStampFromId(freshId);

        // The cookie id is reused only when it was issued to the same browser stamp;
        // a cookie copied to a different browser falls back to the fresh id.
        if (priorStamp.Equals(freshStamp))
        {
            return priorId;
        }
    }
    catch (CryptographicException)
    {
        // NOTE(review): this sets the expiry on the *request* cookie object. Nothing visible
        // here writes a cookie to the response, so confirm the browser is actually told to
        // drop the undecryptable cookie.
        // NOTE(review): only CryptographicException is handled. Whether Decrypt can throw
        // other exception types on a tampered or malformed value is not visible here - confirm.
        request.Cookies[config.CookieName].Expires = DateTime.Today.AddDays(-1);
    }

    return freshId;
}
/// <summary>
/// Reads the request parameter named <c>config.ModuleName</c> and decrypts it with
/// <c>config.PassPhrase</c>.
/// </summary>
/// <param name="config">Supplies the parameter name and the form passphrase.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns>The decrypted form id, or <see cref="string.Empty"/> when the parameter is missing or blank.</returns>
private string GetFormId(CapttiaSection config, ActionExecutingContext filterContext)
{
    // NOTE(review): Request.Params merges query string, form fields, cookies and server
    // variables, so the token is accepted from any of them. If it is only ever posted as a
    // form field, reading Request.Form would narrow where it can be supplied - confirm intent.
    var encryptedFormId = filterContext.HttpContext.Request.Params[config.ModuleName];

    return string.IsNullOrWhiteSpace(encryptedFormId)
        ? string.Empty
        : _encryption.Decrypt(encryptedFormId, config.PassPhrase);
}
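/// <summary>
/// Reads the cookie named <c>config.CookieName</c> from the request and decrypts its value
/// with <c>config.PassPhraseB</c>.
/// </summary>
/// <param name="config">Supplies the cookie name and the cookie passphrase.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns>
/// The decrypted cookie id, or <see cref="string.Empty"/> when the cookie is absent or its
/// value is blank.
/// </returns>
private string GetCookieId(CapttiaSection config, ActionExecutingContext filterContext)
{
    var cookie = filterContext.HttpContext.Request.Cookies[config.CookieName];

    // A request that carries no such cookie yields a null lookup. Treat it like a blank
    // cookie rather than dereferencing null, so a missing cookie is an ordinary
    // "no token" result instead of a NullReferenceException.
    if (cookie == null)
    {
        return string.Empty;
    }

    var encryptedCookieId = cookie.Value;
    if (string.IsNullOrWhiteSpace(encryptedCookieId))
    {
        return string.Empty;
    }

    return _encryption.Decrypt(encryptedCookieId, config.PassPhraseB);
}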
/// <summary>
/// Fetches the encrypted form id from the request parameter named <c>config.ModuleName</c>
/// and returns it decrypted with <c>config.PassPhrase</c>.
/// </summary>
/// <param name="config">Supplies the parameter name and the form passphrase.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns>The decrypted form id; <see cref="string.Empty"/> if the parameter is missing or blank.</returns>
private string GetFormId(CapttiaSection config, ActionExecutingContext filterContext)
{
    // NOTE(review): Request.Params is the merged collection (query string, form, cookies,
    // server variables), so the token is not restricted to the posted form body.
    var postedValue = filterContext.HttpContext.Request.Params[config.ModuleName];

    var hasValue = !string.IsNullOrWhiteSpace(postedValue);
    if (hasValue)
    {
        return _encryption.Decrypt(postedValue, config.PassPhrase);
    }

    return string.Empty;
}
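/// <summary>
/// Returns the decrypted value of the cookie named <c>config.CookieName</c>, using
/// <c>config.PassPhraseB</c> as the passphrase.
/// </summary>
/// <param name="config">Supplies the cookie name and the cookie passphrase.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns>
/// The decrypted cookie id; <see cref="string.Empty"/> when the request has no such cookie
/// or the cookie value is blank.
/// </returns>
private string GetCookieId(CapttiaSection config, ActionExecutingContext filterContext)
{
    var tokenCookie = filterContext.HttpContext.Request.Cookies[config.CookieName];

    // The lookup is null when the client sent no cookie with this name. Checking it here
    // keeps "cookie missing" on the same path as "cookie blank" instead of throwing a
    // NullReferenceException on .Value.
    if (tokenCookie == null || string.IsNullOrWhiteSpace(tokenCookie.Value))
    {
        return string.Empty;
    }

    return _encryption.Decrypt(tokenCookie.Value, config.PassPhraseB);
}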
/// <summary>
/// Decides whether the request passes the checks in this filter: the parameter named
/// <c>config.ModuleName + "Value"</c> must be blank, and the token check must succeed.
/// </summary>
/// <param name="config">Supplies the module name used to build the parameter name.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns><c>true</c> only when both checks pass; <c>false</c> on any failure or exception.</returns>
private bool IsValidRequest(CapttiaSection config, ActionExecutingContext filterContext)
{
    try
    {
        // The local was named honeyPot in the original: any non-blank value fails the
        // request (presumably a field that a human visitor never fills in - confirm).
        var trapValue = filterContext.HttpContext.Request.Params[config.ModuleName + "Value"];

        return string.IsNullOrWhiteSpace(trapValue) && IsValidToken(config, filterContext);
    }
    catch (Exception)
    {
        // Fail closed: a token that cannot be read or decrypted is treated as invalid.
        // NOTE(review): this also turns configuration or programming errors into silent
        // rejections; recording the exception would make those distinguishable.
        return false;
    }
}
/// <summary>
/// Validates the request: rejects it when the parameter named
/// <c>config.ModuleName + "Value"</c> carries any non-blank content, otherwise defers to
/// the token check.
/// </summary>
/// <param name="config">Supplies the module name used to build the parameter name.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns><c>true</c> when the request is accepted; <c>false</c> otherwise, including on any exception.</returns>
private bool IsValidRequest(CapttiaSection config, ActionExecutingContext filterContext)
{
    bool accepted;

    try
    {
        var trapFieldName = config.ModuleName + "Value";
        var trapFieldValue = filterContext.HttpContext.Request.Params[trapFieldName];

        if (string.IsNullOrWhiteSpace(trapFieldValue))
        {
            accepted = IsValidToken(config, filterContext);
        }
        else
        {
            // A filled-in trap field fails the request before the token is examined.
            accepted = false;
        }
    }
    catch (Exception)
    {
        // Any failure while reading or decrypting the token counts as "not valid", so an
        // error never lets a request through.
        // NOTE(review): the exception is discarded, so genuine faults are indistinguishable
        // from rejected requests.
        accepted = false;
    }

    return accepted;
}
/// <summary>
/// Checks the token pair on the request: the decrypted cookie id must equal the decrypted
/// form id, and the browser stamp inside the cookie id must equal the browser id computed
/// for the current request.
/// </summary>
/// <param name="config">Configuration passed through to the cookie and form id readers.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns><c>true</c> when both comparisons hold; <c>false</c> when either id is blank or a comparison fails.</returns>
private bool IsValidToken(CapttiaSection config, ActionExecutingContext filterContext)
{
    // All three reads happen up front, in this order, before any check.
    string cookieId = GetCookieId(config, filterContext);
    string formId = GetFormId(config, filterContext);
    string requestBrowserId = GetBrowserId(filterContext);

    if (string.IsNullOrWhiteSpace(cookieId) || string.IsNullOrWhiteSpace(formId))
    {
        return false;
    }

    var cookieStamp = AnonymousIdentifier.GetBrowserStampFromId(cookieId);

    // NOTE(review): the form id's stamp is extracted but never compared. Because the form
    // id must equal the cookie id below, its stamp is implied to match; the call is kept
    // so any exception it raises still surfaces as before.
    var formStamp = AnonymousIdentifier.GetBrowserStampFromId(formId);

    // NOTE(review): these are plain comparisons on decrypted values. How hard a matching
    // pair is to forge depends on whether Decrypt rejects modified ciphertext, which is
    // not visible here - confirm.
    bool idsAgree = cookieId == formId;
    bool stampAgrees = requestBrowserId == cookieStamp;

    return idsAgree && stampAgrees;
}
/// <summary>
/// Validates the cookie/form token pair: both decrypted ids must be non-blank and equal,
/// and the cookie id's browser stamp must equal the current request's browser id.
/// </summary>
/// <param name="config">Configuration passed through to the cookie and form id readers.</param>
/// <param name="filterContext">Action filter context whose request is inspected.</param>
/// <returns><c>true</c> when the pair is accepted; otherwise <c>false</c>.</returns>
private bool IsValidToken(CapttiaSection config, ActionExecutingContext filterContext)
{
    string idFromCookie = GetCookieId(config, filterContext);
    string idFromForm = GetFormId(config, filterContext);
    string currentBrowserId = GetBrowserId(filterContext);

    var bothPresent = !string.IsNullOrWhiteSpace(idFromCookie)
        && !string.IsNullOrWhiteSpace(idFromForm);

    var tokenAccepted = false;
    if (bothPresent)
    {
        var stampFromCookie = AnonymousIdentifier.GetBrowserStampFromId(idFromCookie);

        // NOTE(review): computed but unused in the decision; retained so the call (and any
        // exception from a malformed form id) behaves exactly as before.
        var stampFromForm = AnonymousIdentifier.GetBrowserStampFromId(idFromForm);

        // Two conditions: the cookie and the form field carry the same id, and that id
        // was stamped for the browser making this request.
        bool sameId = idFromCookie == idFromForm;
        bool sameBrowser = (currentBrowserId == stampFromCookie);
        tokenAccepted = sameId && sameBrowser;
    }

    return tokenAccepted;
}