protected virtual string GetRequestInfoJavaScript(string webScreenKey, string webScreenName) { var info = AppInfo.GetAppInfo(); using (var writer = new StringWriter()) { writer.Write(" <script id=\"_OSrequestInfoScript\" type=\"text/javascript\">(function(global) { "); writer.Write("global.outsystems = global.outsystems || {};"); writer.Write("global.outsystems.internal = global.outsystems.internal || {};"); if (Settings.GetBool(Settings.Configs.JavascriptAPI_ShowHiddenFields)) { writer.Write("global.outsystems.internal.showHiddenFields = true;"); } writer.Write("global.outsystems.internal.requestInfo = {"); // #564602 OSVisit and OSVisitor cookies allow HTML injection -check if cookies' value was modified writer.Write("visitorKey:'{0}',", GuidUtils.IsGuid(info.VisitorId) ? info.VisitorId : ""); writer.Write("visitKey:'{0}',", GuidUtils.IsGuid(info.VisitId) ? info.VisitId : ""); writer.Write("sessionKey:'{0}',", info.OsContext.Session.SessionIDHash); writer.Write("userKey:'{0}',", info.OsContext.Session.UserIdGuid); var perfTracer = info.OsContext.RequestTracer; bool perfTracerExists = perfTracer != null; writer.Write("requestKey:'{0}',", (perfTracerExists) ? perfTracer.RequestKey : ""); writer.Write("webScreenKey:'{0}',", ObjectKeyUtils.DatabaseValue(ObjectKey.Parse(webScreenKey))); writer.Write("webScreenName:'{0}',", webScreenName); writer.Write("espaceKey:'{0}',", (perfTracerExists) ? perfTracer.ModuleKey : info.eSpaceUID); writer.Write("espaceName:'{0}',", (perfTracerExists) ? perfTracer.ModuleName : info.eSpaceName); writer.Write("applicationKey:'{0}',", (perfTracerExists) ? perfTracer.ApplicationKey : info.ApplicationUID); writer.Write("applicationName:'{0}',", (perfTracerExists) ? perfTracer.ApplicationName : info.ApplicationName); writer.Write("tenantKey:'{0}',", (perfTracerExists) ? perfTracer.TenantKey : info.Tenant.Id_Guid); writer.Write("tenantName:'{0}',", (perfTracerExists) ? perfTracer.TenantName : info.Tenant.Name); writer.Write("environmentKey:'{0}',", (perfTracerExists) ? perfTracer.EnvironmentKey : info.EnvironmentKey); writer.Write("environmentName:'{0}',", (perfTracerExists) ? perfTracer.EnvironmentName : info.EnvironmentName); if (Settings.GetBool(Settings.Configs.JavascriptAPI_ShowHiddenFields)) { writer.Write("username:'******',", info.OsContext.Session.UserName); writer.Write("frontendName:'{0}',", (perfTracerExists) ? perfTracer.FrontEndName : info.FrontendName); } // #664816 - When the host serial on OSSYS_SERVER is different from the one in the windows registry the FrontendName will not be read from the DB. // We do a null check here to prevent this not vital information from stopping the application load. string value = null; if (perfTracerExists) { value = string.IsNullOrEmpty(perfTracer.FrontEndName) ? "" : SecureConfidentialInformationEncryption.EncryptWithAlgorithm(perfTracer.FrontEndName, SecureConfidentialInformationEncryption.FixedKeyAES128.Instance); } else { value = string.IsNullOrEmpty(info.FrontendName) ? "" : SecureConfidentialInformationEncryption.EncryptWithAlgorithm(info.FrontendName, SecureConfidentialInformationEncryption.FixedKeyAES128.Instance); } writer.Write("frontendKey:'{0}'", value); writer.Write("}"); writer.Write("})(this);"); writer.Write("</script>\n"); return(writer.ToString()); } }
public static string Encrypt(string password, Version targetServerVersion) { return(ENCRYPTED_SYMMETRIC_PREFIX + SecureConfidentialInformationEncryption.EncryptWithAlgorithm(password, SecureConfidentialInformationEncryption.FixedKeyAES128.Instance)); }