private static bool IsForbiddenFolder(PortalContextInitInfo initInfo)
{
if (initInfo == null || string.IsNullOrEmpty(initInfo.SiteRelativePath))
{
return(false);
}
// get the first folder name from the path
var folderNames = initInfo.SiteRelativePath.Trim('/').Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
var firstFolderName = folderNames.Length > 0 ? folderNames[0] : string.Empty;
if (!string.IsNullOrEmpty(firstFolderName) && _forbiddenFolders.Any(fp => string.CompareOrdinal(fp, firstFolderName) == 0))
{
return(true);
}
// if it is a full path
if (initInfo.SiteRelativePath.StartsWith("/Root/", StringComparison.OrdinalIgnoreCase) && !string.IsNullOrEmpty(initInfo.SiteUrl))
{
// find the site above this content
var site = PortalContext.Sites.Values.FirstOrDefault(s => s.UrlList.ContainsKey(initInfo.SiteUrl));
if (site == null)
{
return(false);
}
var siteRelative = PortalContext.GetSiteRelativePath(initInfo.SiteRelativePath, site);
folderNames = siteRelative.Trim('/').Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
firstFolderName = folderNames.Length > 0 ? folderNames[0] : string.Empty;
if (!string.IsNullOrEmpty(firstFolderName) && _forbiddenFolders.Any(fp => string.CompareOrdinal(fp, firstFolderName) == 0))
{
return(true);
}
}
return(false);
}
private void HandleResponseForClientCache(PortalContextInitInfo initInfo)
{
// binaryhandler
if (initInfo.BinaryHandlerRequestedNodeHead != null)
{
var bhMaxAge = Settings.GetValue(PortalSettings.SETTINGSNAME, PortalSettings.SETTINGS_BINARYHANDLER_MAXAGE, initInfo.RepositoryPath, 0);
if (bhMaxAge > 0)
{
HttpHeaderTools.SetCacheControlHeaders(bhMaxAge);
// We're only handling these if the visitor has permissions to the node
if (CheckVisitorPermissions(initInfo.RequestedNodeHead))
{
// handle If-Modified-Since and Last-Modified headers
HttpHeaderTools.EndResponseForClientCache(initInfo.BinaryHandlerRequestedNodeHead.ModificationDate);
}
else
{
// otherwise store the value for later use
initInfo.ModificationDateForClient = initInfo.BinaryHandlerRequestedNodeHead.ModificationDate;
}
return;
}
}
if (initInfo.IsWebdavRequest || initInfo.IsOfficeProtocolRequest)
{
HttpContext.Current.Response.Headers.Add("Pragma", "no-cache"); // HTTP 1.0
HttpContext.Current.Response.Headers.Add("Expires", "Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
return;
}
// get requested nodehead
if (initInfo.RequestedNodeHead == null)
{
return;
}
// if action name is given, do not do shortcircuit (eg. myscript.js?action=Edit should be a server-rendered page)
if (!string.IsNullOrEmpty(initInfo.ActionName))
{
return;
}
// **********************************************************
// Image content check is moved to OnAuthorize event handler, because it needs the
// fully loaded node. Here we handle only other content - e.g. js/css files.
// **********************************************************
if (!initInfo.RequestedNodeHead.GetNodeType().IsInstaceOfOrDerivedFrom(typeof(Image).Name))
{
var cacheSetting = GetCacheHeaderSetting(initInfo.RequestUri, initInfo.RequestedNodeHead);
if (cacheSetting.HasValue)
{
HttpHeaderTools.SetCacheControlHeaders(cacheSetting.Value);
// We're only handling these if the visitor has permissions to the node
if (CheckVisitorPermissions(initInfo.RequestedNodeHead))
{
// handle If-Modified-Since and Last-Modified headers
HttpHeaderTools.EndResponseForClientCache(initInfo.RequestedNodeHead.ModificationDate);
}
else
{
// otherwise store the value for later use
initInfo.ModificationDateForClient = initInfo.RequestedNodeHead.ModificationDate;
}
return;
}
}
// applications
Application app;
// elevate to sysadmin, as we are startupuser here, and group 'everyone' should have permissions to application without elevation
using (new SystemAccount())
{
// load the application, or the node itself if it is an application
if (initInfo.RequestedNodeHead.GetNodeType().IsInstaceOfOrDerivedFrom("Application"))
{
app = Node.LoadNode(initInfo.RequestedNodeHead) as Application;
}
else
{
app = ApplicationStorage.Instance.GetApplication(initInfo.ActionName, initInfo.RequestedNodeHead, initInfo.DeviceName);
}
}
if (app == null)
{
return;
}
var maxAge = app.NumericMaxAge;
var cacheControl = app.GetCacheControlEnumValue();
if (cacheControl.HasValue && maxAge.HasValue)
{
HttpHeaderTools.SetCacheControlHeaders(maxAge.Value, cacheControl.Value);
// We're only handling these if the visitor has permissions to the node
if (CheckVisitorPermissions(initInfo.RequestedNodeHead))
{
// handle If-Modified-Since and Last-Modified headers
HttpHeaderTools.EndResponseForClientCache(initInfo.RequestedNodeHead.ModificationDate);
}
else
{
// otherwise store the value for later use
initInfo.ModificationDateForClient = initInfo.RequestedNodeHead.ModificationDate;
}
}
}
private void HandleResponseForClientCache(PortalContextInitInfo initInfo)
{
var context = HttpContext.Current;
// binaryhandler
if (_binaryHandlerClientCacheMaxAge.HasValue && initInfo.BinaryHandlerRequestedNodeHead != null)
{
HttpHeaderTools.SetCacheControlHeaders(_binaryHandlerClientCacheMaxAge.Value);
// handle is-modified-since requests only for requests coming from proxy
if (PortalContext.ProxyIPs.Contains(context.Request.UserHostAddress))
{
HttpHeaderTools.EndResponseForClientCache(initInfo.BinaryHandlerRequestedNodeHead.ModificationDate);
}
return;
}
// images, and other content requested with their path (e.g. /Root/Global/images/myimage.png)
string extension = System.IO.Path.GetExtension(context.Request.Url.AbsolutePath).ToLower();
if (_clientCacheConfig != null && _clientCacheConfig.ContainsKey(extension))
{
// get requested nodehead
if (initInfo.RequestedNodeHead == null)
{
return;
}
int seconds = _clientCacheConfig[extension];
HttpHeaderTools.SetCacheControlHeaders(seconds);
// handle is-modified-since requests only for requests coming from proxy
if (PortalContext.ProxyIPs.Contains(context.Request.UserHostAddress))
{
HttpHeaderTools.EndResponseForClientCache(initInfo.RequestedNodeHead.ModificationDate);
}
return;
}
// applications
if (initInfo.RequestedNodeHead != null)
{
Application app = null;
// elevate to sysadmin, as we are startupuser here, and group 'everyone' should have permissions to application without elevation
using (new SystemAccount())
{
app = ApplicationStorage.Instance.GetApplication(string.IsNullOrEmpty(initInfo.ActionName) ? "browse" : initInfo.ActionName, initInfo.RequestedNodeHead, initInfo.DeviceName);
}
if (app != null)
{
var maxAge = app.NumericMaxAge;
var cacheControl = app.CacheControlEnumValue;
if (cacheControl.HasValue && maxAge.HasValue)
{
HttpHeaderTools.SetCacheControlHeaders(maxAge.Value, cacheControl.Value);
if (PortalContext.ProxyIPs.Contains(context.Request.UserHostAddress))
{
HttpHeaderTools.EndResponseForClientCache(initInfo.RequestedNodeHead.ModificationDate);
}
}
return;
}
}
}
