/// <summary>
/// Adds a new ClientResourceLoader, the dependency placeholder and a new LiteralControl
/// (kept in _ltMiniProfiler) to the page form, then registers the two Hcc providers
/// with the client dependency settings.
/// </summary>
/// <param name="e">Event data passed through to the base implementation.</param>
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    // Controls are appended in this order: loader, dependency placeholder, literal.
    var formControls = Page.Form.Controls;
    formControls.Add(new ClientResourceLoader());
    formControls.Add(_phDependencies);

    _ltMiniProfiler = new LiteralControl();
    formControls.Add(_ltMiniProfiler);

    HccPageHeaderProvider.Register(ClientDependencySettings.Instance);
    HccBodyProvider.Register(ClientDependencySettings.Instance);
}
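/// <summary>
/// Initializes the page: establishes the anti-XSRF token cookie and the view state user key,
/// applies the global page settings, loads the skin, handles disabled pages, works out the
/// canonical URL, shows the insecure-defaults warning and registers the stylesheets.
/// </summary>
/// <param name="e">Event data passed through to the base implementation.</param>
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    //First, check for the existence of the Anti-XSRF cookie
    var requestCookie = Request.Cookies[AntiXsrfTokenKey];
    Guid requestCookieGuidValue;

    //If the CSRF cookie is found and its value parses as a Guid, reuse it as the token:
    //store it in the page-level field and use it as the view state user key.
    if (requestCookie != null && Guid.TryParse(requestCookie.Value, out requestCookieGuidValue))
    {
        _antiXsrfTokenValue = requestCookie.Value;

        //The view state user key is validated by the framework during each request
        Page.ViewStateUserKey = _antiXsrfTokenValue;
    }
    //If the CSRF cookie is not found (or is not a Guid), treat this as a new session.
    else
    {
        //Generate a new Anti-XSRF token
        _antiXsrfTokenValue = Guid.NewGuid().ToString("N");
        Page.ViewStateUserKey = _antiXsrfTokenValue;

        //Create the non-persistent CSRF cookie; HttpOnly keeps it away from client side script
        var responseCookie = new HttpCookie(AntiXsrfTokenKey)
        {
            HttpOnly = true,
            Value = _antiXsrfTokenValue
        };

        //The cookie is marked Secure only when forms authentication requires SSL AND this
        //request arrived over a secure connection; in every other case it can travel over HTTP.
        if (System.Web.Security.FormsAuthentication.RequireSSL && Request.IsSecureConnection)
        {
            responseCookie.Secure = true;
        }

        //Add the CSRF cookie to the response
        Response.Cookies.Set(responseCookie);

        // NOTE(review): the PreLoad handler is attached only on this new-token path, so requests
        // that already carry a valid cookie never run master_Page_PreLoad. If that handler is
        // what compares the token with the view state form field, returning requests skip the
        // comparison. The handler is not visible here - confirm before moving this line.
        Page.PreLoad += master_Page_PreLoad;
    }

    //set global page settings
    InitializePage();

    //load skin control and register UI js
    UI.Skins.Skin ctlSkin;
    if (PortalSettings.EnablePopUps)
    {
        ctlSkin = UrlUtils.InPopUp() ? UI.Skins.Skin.GetPopUpSkin(this) : UI.Skins.Skin.GetSkin(this);

        //register popup js
        JavaScript.RequestRegistration(CommonJs.jQueryUI);

        var popupFilePath = HttpContext.Current.IsDebuggingEnabled
            ? "~/js/Debug/dnn.modalpopup.js"
            : "~/js/dnn.modalpopup.js";

        ClientResourceManager.RegisterScript(this, popupFilePath, FileOrder.Js.DnnModalPopup);
    }
    else
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }

    // DataBind common paths for the client resource loader
    ClientResourceLoader.DataBind();

    //check for and read skin package level doctype
    SetSkinDoctype();

    //Manage disabled pages: page admins get a warning banner, everyone else is redirected away
    if (PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            var heading = Localization.GetString("PageDisabled.Header");
            var message = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, heading, message, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (PortalSettings.HomeTabId > 0)
        {
            Response.Redirect(Globals.NavigateURL(PortalSettings.HomeTabId), true);
        }
        else
        {
            Response.Redirect(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true), true);
        }
    }

    //Manage canonical urls
    if (PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl)
    {
        string primaryHttpAlias = null;
        if (Config.GetFriendlyUrlProvider() == "advanced")
        {
            //advanced mode compares on the primary alias as set during alias identification
            if (PortalSettings.PrimaryAlias != null && PortalSettings.PortalAlias != null
                && string.Compare(PortalSettings.PrimaryAlias.HTTPAlias, PortalSettings.PortalAlias.HTTPAlias, StringComparison.InvariantCulture) != 0)
            {
                primaryHttpAlias = PortalSettings.PrimaryAlias.HTTPAlias;
            }
        }
        else if (string.Compare(PortalSettings.PortalAlias.HTTPAlias, PortalSettings.DefaultPortalAlias, StringComparison.InvariantCulture) != 0)
        {
            //other modes just depend on the default alias
            primaryHttpAlias = PortalSettings.DefaultPortalAlias;
        }

        //a primary http alias was identified and no canonical url has been set yet
        if (primaryHttpAlias != null && string.IsNullOrEmpty(CanonicalLinkUrl))
        {
            //The context item may be absent; skip the canonical url rather than fail the
            //whole page with a NullReferenceException.
            var originalUrlItem = Context.Items["UrlRewrite:OriginalUrl"];
            if (originalUrlItem != null)
            {
                var originalurl = originalUrlItem.ToString();
                CanonicalLinkUrl = originalurl.Replace(PortalSettings.PortalAlias.HTTPAlias, primaryHttpAlias);
            }
        }
    }

    //check if running with known account defaults
    if (Request.IsAuthenticated && string.IsNullOrEmpty(Request.QueryString["runningDefault"]) == false)
    {
        //"as" yields null when the context item is missing or of another type, so check it.
        var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;

        //only show message to default users; the comparison is ordinal so the current
        //culture's casing rules cannot make a default account name fail to match
        if (userInfo != null
            && (string.Equals(userInfo.Username, "admin", StringComparison.OrdinalIgnoreCase)
                || string.Equals(userInfo.Username, "host", StringComparison.OrdinalIgnoreCase)))
        {
            var messageText = RenderDefaultsWarning();
            var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    //add CSS links
    ClientResourceManager.RegisterDefaultStylesheet(this, string.Concat(Globals.HostPath, "default.css"));
    ClientResourceManager.RegisterIEStylesheet(this, string.Concat(Globals.HostPath, "ie.css"));
    ClientResourceManager.RegisterStyleSheet(this, string.Concat(ctlSkin.SkinPath, "skin.css"), FileOrder.Css.SkinCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"), FileOrder.Css.SpecificSkinCss);

    //add skin to page
    SkinPlaceHolder.Controls.Add(ctlSkin);

    ClientResourceManager.RegisterStyleSheet(this, string.Concat(PortalSettings.HomeDirectory, "portal.css"), FileOrder.Css.PortalCss);

    //add Favicon
    ManageFavicon();

    //ClientCallback Logic
    ClientAPI.HandleClientAPICallbackEvent(this);

    //add viewstateuserkey to protect against CSRF attacks
    // NOTE(review): for authenticated users this replaces the anti-XSRF token assigned to
    // Page.ViewStateUserKey at the top of this method with the user name - confirm that
    // master_Page_PreLoad does not rely on the key still holding the token.
    if (User.Identity.IsAuthenticated)
    {
        ViewStateUserKey = User.Identity.Name;
    }

    //set the async postback timeout.
    if (AJAX.IsEnabled())
    {
        AJAX.GetScriptManager(this).AsyncPostBackTimeout = Host.AsyncTimeout;
    }
}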
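/// -----------------------------------------------------------------------------
/// <summary>
/// Contains the functionality to populate the Root aspx page with controls
/// </summary>
/// <param name="e">Event data passed through to the base implementation.</param>
/// <remarks>
/// - set global page settings.
/// - load the skin control and register the popup script when popups are enabled
/// - redirect away from disabled pages unless the caller can administer the page
/// - add a canonical link when the request did not arrive on the primary alias
/// - show the insecure-defaults warning to the "admin" and "host" accounts
/// - register the cascading style sheets
/// - add skin control placeholder. This holds all the modules and content of the page.
/// </remarks>
/// -----------------------------------------------------------------------------
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    //set global page settings
    InitializePage();

    //load skin control and register UI js
    UI.Skins.Skin ctlSkin;
    if (PortalSettings.EnablePopUps)
    {
        ctlSkin = IsPopUp ? UI.Skins.Skin.GetPopUpSkin(this) : UI.Skins.Skin.GetSkin(this);

        //register popup js
        jQuery.RegisterJQueryUI(Page);

        var popupFilePath = HttpContext.Current.IsDebuggingEnabled
            ? "~/js/Debug/dnn.modalpopup.js"
            : "~/js/dnn.modalpopup.js";

        ClientResourceManager.RegisterScript(this, popupFilePath, FileOrder.Js.DnnModalPopup);
    }
    else
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }

    // DataBind common paths for the client resource loader
    ClientResourceLoader.DataBind();

    //check for and read skin package level doctype
    SetSkinDoctype();

    //Manage disabled pages: page admins get a warning banner, everyone else is redirected away
    if (PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            var heading = Localization.GetString("PageDisabled.Header");
            var message = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, heading, message, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (PortalSettings.HomeTabId > 0)
        {
            Response.Redirect(Globals.NavigateURL(PortalSettings.HomeTabId), true);
        }
        else
        {
            Response.Redirect(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true), true);
        }
    }

    //Manage canonical urls
    if (PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl)
    {
        string primaryHttpAlias = null;
        if (Config.GetFriendlyUrlProvider() == "advanced")
        {
            //advanced mode compares on the primary alias as set during alias identification
            if (PortalSettings.PrimaryAlias != null && PortalSettings.PortalAlias != null
                && string.Compare(PortalSettings.PrimaryAlias.HTTPAlias, PortalSettings.PortalAlias.HTTPAlias, StringComparison.InvariantCulture) != 0)
            {
                primaryHttpAlias = PortalSettings.PrimaryAlias.HTTPAlias;
            }
        }
        else if (string.Compare(PortalSettings.PortalAlias.HTTPAlias, PortalSettings.DefaultPortalAlias, StringComparison.InvariantCulture) != 0)
        {
            //other modes just depend on the default alias
            primaryHttpAlias = PortalSettings.DefaultPortalAlias;
        }

        //a primary http alias was identified
        if (primaryHttpAlias != null)
        {
            //The context item may be absent; skip the canonical link rather than fail the
            //whole page with a NullReferenceException.
            var originalUrlItem = Context.Items["UrlRewrite:OriginalUrl"];
            if (originalUrlItem != null)
            {
                var originalurl = originalUrlItem.ToString();

                //Add Canonical <link> using the primary alias
                var canonicalLink = new HtmlLink();
                canonicalLink.Href = originalurl.Replace(PortalSettings.PortalAlias.HTTPAlias, primaryHttpAlias);
                canonicalLink.Attributes.Add("rel", "canonical");

                // Add the HtmlLink to the Head section of the page.
                Page.Header.Controls.Add(canonicalLink);
            }
        }
    }

    //check if running with known account defaults
    if (Request.IsAuthenticated && string.IsNullOrEmpty(Request.QueryString["runningDefault"]) == false)
    {
        //"as" yields null when the context item is missing or of another type, so check it.
        var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;

        //only show message to default users; the comparison is ordinal so the current
        //culture's casing rules cannot make a default account name fail to match
        if (userInfo != null
            && (string.Equals(userInfo.Username, "admin", StringComparison.OrdinalIgnoreCase)
                || string.Equals(userInfo.Username, "host", StringComparison.OrdinalIgnoreCase)))
        {
            var messageText = RenderDefaultsWarning();
            var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    //add CSS links
    ClientResourceManager.RegisterDefaultStylesheet(this, Globals.HostPath + "default.css");
    ClientResourceManager.RegisterIEStylesheet(this, Globals.HostPath + "ie.css");
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinPath + "skin.css", FileOrder.Css.SkinCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"), FileOrder.Css.SpecificSkinCss);

    //add skin to page
    SkinPlaceHolder.Controls.Add(ctlSkin);

    ClientResourceManager.RegisterStyleSheet(this, PortalSettings.HomeDirectory + "portal.css", FileOrder.Css.PortalCss);

    //add Favicon
    ManageFavicon();

    //ClientCallback Logic
    ClientAPI.HandleClientAPICallbackEvent(this);

    //add viewstateuserkey to protect against CSRF attacks
    //(set only for authenticated requests; anonymous requests get no user key from this method)
    if (User.Identity.IsAuthenticated)
    {
        ViewStateUserKey = User.Identity.Name;
    }

    //set the async postback timeout.
    if (AJAX.IsEnabled())
    {
        AJAX.GetScriptManager(this).AsyncPostBackTimeout = Host.AsyncTimeout;
    }
}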
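/// -----------------------------------------------------------------------------
/// <summary>
/// Contains the functionality to populate the Root aspx page with controls.
/// This variant first attempts an automatic login from the "userName" and "password"
/// request cookies and redirects authenticated requests that carry no TabId to /Home.aspx.
/// </summary>
/// <param name="e">Event data passed through to the base implementation.</param>
/// <remarks>
/// - attempt the cookie-based automatic login (once per session, see Session["Login"])
/// - set global page settings.
/// - initialise reference paths to load the cascading style sheets
/// - add skin control placeholder. This holds all the modules and content of the page.
/// </remarks>
/// <history>
/// 	[sun1]	1/19/2004	Created
///		[jhenning] 8/24/2005 Added logic to look for post originating from a ClientCallback
/// </history>
/// -----------------------------------------------------------------------------
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    if (String.IsNullOrEmpty((String)Session["Login"]))
    {
        //Code by Ruben Martinez, 22/9/2012
        //Checks whether the user has the login cookies and, if so, logs the user in automatically
        if (!Request.IsAuthenticated)
        {
            //Marks the session so the automatic login is attempted only once per session
            Session["Login"] = "******";

            // SECURITY NOTE(review): this path authenticates with a password read from a cookie.
            // A password held client-side is a reusable credential that travels with every
            // request to the site; where the cookie is written and whether it is HttpOnly/Secure
            // is not visible here - confirm. The platform's own persistent authentication ticket
            // would avoid keeping the password on the client at all.
            if (Request.Cookies["userName"] != null && Request.Cookies["password"] != null)
            {
                var loginStatus = UserLoginStatus.LOGIN_FAILURE;

                // NOTE(review): the sixth argument is an empty string; if that is the client
                // address parameter (verify against UserController.UserLogin), passing
                // Request.UserHostAddress would make these logins attributable in the logs.
                UserController.UserLogin(PortalSettings.PortalId, Request.Cookies["userName"].Value, Request.Cookies["password"].Value, "", PortalSettings.PortalName, "", ref loginStatus, false);

                // NOTE(review): success is decided by exclusion - any status other than these
                // three is treated as a successful login. Listing the accepted statuses instead
                // would fail closed if further status values exist or are added.
                if (loginStatus != UserLoginStatus.LOGIN_USERNOTAPPROVED
                    && loginStatus != UserLoginStatus.LOGIN_USERLOCKEDOUT
                    && loginStatus != UserLoginStatus.LOGIN_FAILURE)
                {
                    Response.Redirect("/Home.aspx");
                }
            }
        }
    }

    //Authenticated requests without a TabId in the query string are sent to the home page
    if (Request.IsAuthenticated)
    {
        if (Request.QueryString["TabId"] == null)
        {
            Response.Redirect("/Home.aspx");
        }
    }
    ///////////////////////////////////////////////////////////////

    //set global page settings
    InitializePage();

    //load skin control and register UI js
    UI.Skins.Skin ctlSkin;
    if (PortalSettings.EnablePopUps)
    {
        ctlSkin = IsPopUp ? UI.Skins.Skin.GetPopUpSkin(this) : UI.Skins.Skin.GetSkin(this);

        //register popup js
        jQuery.RegisterJQueryUI(Page);

        var popupFilePath = HttpContext.Current.IsDebuggingEnabled
            ? "~/js/Debug/dnn.modalpopup.js"
            : "~/js/dnn.modalpopup.js";

        ClientResourceManager.RegisterScript(this, popupFilePath);
    }
    else
    {
        ctlSkin = UI.Skins.Skin.GetSkin(this);
    }

    // DataBind common paths for the client resource loader
    ClientResourceLoader.DataBind();

    //check for and read skin package level doctype
    SetSkinDoctype();

    //Manage disabled pages: page admins get a warning banner, everyone else is redirected away
    if (PortalSettings.ActiveTab.DisableLink)
    {
        if (TabPermissionController.CanAdminPage())
        {
            var heading = Localization.GetString("PageDisabled.Header");
            var message = Localization.GetString("PageDisabled.Text");
            UI.Skins.Skin.AddPageMessage(ctlSkin, heading, message, ModuleMessage.ModuleMessageType.YellowWarning);
        }
        else if (PortalSettings.HomeTabId > 0)
        {
            Response.Redirect(Globals.NavigateURL(PortalSettings.HomeTabId), true);
        }
        else
        {
            Response.Redirect(Globals.GetPortalDomainName(PortalSettings.PortalAlias.HTTPAlias, Request, true), true);
        }
    }

    //Manage canonical urls
    if (PortalSettings.PortalAliasMappingMode == PortalSettings.PortalAliasMapping.CanonicalUrl
        && PortalSettings.PortalAlias.HTTPAlias != PortalSettings.DefaultPortalAlias)
    {
        //The context item may be absent; skip the canonical link rather than fail the
        //whole page with a NullReferenceException.
        var originalUrlItem = Context.Items["UrlRewrite:OriginalUrl"];
        if (originalUrlItem != null)
        {
            var originalurl = originalUrlItem.ToString();

            //Add Canonical <link>
            var canonicalLink = new HtmlLink();
            canonicalLink.Href = originalurl.Replace(PortalSettings.PortalAlias.HTTPAlias, PortalSettings.DefaultPortalAlias);
            canonicalLink.Attributes.Add("rel", "canonical");

            // Add the HtmlLink to the Head section of the page.
            Page.Header.Controls.Add(canonicalLink);
        }
    }

    //check if running with known account defaults
    if (Request.IsAuthenticated && string.IsNullOrEmpty(Request.QueryString["runningDefault"]) == false)
    {
        //"as" yields null when the context item is missing or of another type, so check it.
        var userInfo = HttpContext.Current.Items["UserInfo"] as UserInfo;

        //only show message to default users; the comparison is ordinal so the current
        //culture's casing rules cannot make a default account name fail to match
        if (userInfo != null
            && (string.Equals(userInfo.Username, "admin", StringComparison.OrdinalIgnoreCase)
                || string.Equals(userInfo.Username, "host", StringComparison.OrdinalIgnoreCase)))
        {
            var messageText = RenderDefaultsWarning();
            var messageTitle = Localization.GetString("InsecureDefaults.Title", Localization.GlobalResourceFile);
            UI.Skins.Skin.AddPageMessage(ctlSkin, messageTitle, messageText, ModuleMessage.ModuleMessageType.RedError);
        }
    }

    //add CSS links
    ClientResourceManager.RegisterStyleSheet(this, Globals.HostPath + "default.css", FileOrder.Css.DefaultCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinPath + "skin.css", FileOrder.Css.SkinCss);
    ClientResourceManager.RegisterStyleSheet(this, ctlSkin.SkinSrc.Replace(".ascx", ".css"), FileOrder.Css.SpecificSkinCss);

    //add skin to page
    SkinPlaceHolder.Controls.Add(ctlSkin);

    // NOTE(review): literal 60 where the other calls use FileOrder.Css constants - confirm
    // which constant this priority corresponds to.
    ClientResourceManager.RegisterStyleSheet(this, PortalSettings.HomeDirectory + "portal.css", 60);

    //add Favicon
    ManageFavicon();

    //ClientCallback Logic
    ClientAPI.HandleClientAPICallbackEvent(this);

    //add viewstateuserkey to protect against CSRF attacks
    //(set only for authenticated requests; anonymous requests get no user key from this method)
    if (User.Identity.IsAuthenticated)
    {
        ViewStateUserKey = User.Identity.Name;
    }
}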