public Task Invoke(IDictionary <string, object> environment) { var serverRequest = new ServerRequest(environment); var serverResponse = new ServerResponse(environment); var hostContext = new HostContext(serverRequest, serverResponse); string origin = serverRequest.RequestHeaders.GetHeader("Origin"); if (_configuration.EnableCrossDomain) { // Add CORS response headers support if (!String.IsNullOrEmpty(origin)) { serverResponse.ResponseHeaders.SetHeader("Access-Control-Allow-Origin", origin); serverResponse.ResponseHeaders.SetHeader("Access-Control-Allow-Credentials", "true"); } } else { string callback = serverRequest.QueryString["callback"]; // If it's a JSONP request and we're not allowing cross domain requests then block it // If there's an origin header and it's not a same origin request then block it. if (!String.IsNullOrEmpty(callback) || (!String.IsNullOrEmpty(origin) && !IsSameOrigin(serverRequest.Url, origin))) { return(EndResponse(environment, 403, Resources.Forbidden_CrossDomainIsDisabled)); } } // Add the nosniff header for all responses to prevent IE from trying to sniff mime type from contents serverResponse.ResponseHeaders.SetHeader("X-Content-Type-Options", "nosniff"); // REVIEW: Performance hostContext.Items[HostConstants.SupportsWebSockets] = environment.SupportsWebSockets(); hostContext.Items[HostConstants.ShutdownToken] = environment.GetShutdownToken(); hostContext.Items[HostConstants.DebugMode] = environment.GetIsDebugEnabled(); serverRequest.DisableRequestCompression(); serverResponse.DisableResponseBuffering(); _connection.Initialize(_configuration.Resolver, hostContext); if (!_connection.Authorize(serverRequest)) { // If we failed to authorize the request then return a 403 since the request // can't do anything return(EndResponse(environment, 403, "Forbidden")); } else { return(_connection.ProcessRequest(hostContext)); } }
public override Task Invoke(IOwinContext context) { if (context == null) { throw new ArgumentNullException("context"); } if (JsonUtility.TryRejectJSONPRequest(_configuration, context)) { return(TaskAsyncHelper.Empty); } var connectionFactory = new PersistentConnectionFactory(_configuration.Resolver); PersistentConnection connection = connectionFactory.CreateInstance(_connectionType); connection.Initialize(_configuration.Resolver); return(connection.ProcessRequest(context.Environment)); }