/// <summary>
/// Get the current settings from the xml config file.
/// </summary>
/// <returns></returns>
public static RequestFilterSettings GetSettings()
{
var settings = (RequestFilterSettings)DataCache.GetCache(RequestFilterConfig);
if (settings == null)
{
settings = new RequestFilterSettings();
string filePath = Common.Utilities.Config.GetPathToFile(Common.Utilities.Config.ConfigFileType.DotNetNuke);
// Create a FileStream for the Config file
using (var fileReader = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read))
{
var doc = new XPathDocument(fileReader);
XPathNodeIterator ruleList = doc.CreateNavigator().Select("/configuration/blockrequests/rule");
while (ruleList.MoveNext())
{
try
{
string serverVar = ruleList.Current.GetAttribute("servervar", string.Empty);
string values = ruleList.Current.GetAttribute("values", string.Empty);
var ac = (RequestFilterRuleType)Enum.Parse(typeof(RequestFilterRuleType), ruleList.Current.GetAttribute("action", string.Empty));
var op = (RequestFilterOperatorType)Enum.Parse(typeof(RequestFilterOperatorType), ruleList.Current.GetAttribute("operator", string.Empty));
string location = ruleList.Current.GetAttribute("location", string.Empty);
var rule = new RequestFilterRule(serverVar, values, op, ac, location);
settings.Rules.Add(rule);
}
catch (Exception ex)
{
DotNetNuke.Services.Exceptions.Exceptions.LogException(new Exception(string.Format("Unable to read RequestFilter Rule: {0}:", ruleList.Current.OuterXml), ex));
}
}
}
if (File.Exists(filePath))
{
// Set back into Cache
DataCache.SetCache(RequestFilterConfig, settings, new DNNCacheDependency(filePath));
}
}
return(settings);
}
/// <summary>
/// Get the current settings from the xml config file
/// </summary>
public static RequestFilterSettings GetSettings()
{
var settings = (RequestFilterSettings) DataCache.GetCache(RequestFilterConfig);
if (settings == null)
{
settings = new RequestFilterSettings();
string filePath = Common.Utilities.Config.GetPathToFile(Common.Utilities.Config.ConfigFileType.DotNetNuke);
//Create a FileStream for the Config file
var fileReader = new FileStream(filePath, FileMode.Open, FileAccess.Read, FileShare.Read);
var doc = new XPathDocument(fileReader);
XPathNodeIterator ruleList = doc.CreateNavigator().Select("/configuration/blockrequests/rule");
while (ruleList.MoveNext())
{
try
{
string serverVar = ruleList.Current.GetAttribute("servervar", string.Empty);
string values = ruleList.Current.GetAttribute("values", string.Empty);
var ac = (RequestFilterRuleType) Enum.Parse(typeof (RequestFilterRuleType), ruleList.Current.GetAttribute("action", string.Empty));
var op = (RequestFilterOperatorType) Enum.Parse(typeof (RequestFilterOperatorType), ruleList.Current.GetAttribute("operator", string.Empty));
string location = ruleList.Current.GetAttribute("location", string.Empty);
var rule = new RequestFilterRule(serverVar, values, op, ac, location);
settings.Rules.Add(rule);
}
catch (Exception ex)
{
DotNetNuke.Services.Exceptions.Exceptions.LogException(new Exception(string.Format("Unable to read RequestFilter Rule: {0}:", ruleList.Current.OuterXml), ex));
}
}
if ((File.Exists(filePath)))
{
//Set back into Cache
DataCache.SetCache(RequestFilterConfig, settings, new DNNCacheDependency(filePath));
}
}
return settings;
}
private static void FilterRequest(object sender, EventArgs e)
{
var app = (HttpApplication)sender;
if ((app == null) || (app.Context == null) || (app.Context.Items == null))
{
return;
}
var request = app.Context.Request;
if (RewriterUtils.OmitFromRewriteProcessing(request.Url.LocalPath))
{
return;
}
//Carry out first time initialization tasks
Initialize.Init(app);
if (request.Url.LocalPath.ToLower().EndsWith("install.aspx") ||
request.Url.LocalPath.ToLower().Contains("upgradewizard.aspx") ||
request.Url.LocalPath.ToLower().Contains("installwizard.aspx"))
{
return;
}
//only do this if we havn't already attempted an install. This prevents PreSendRequestHeaders from
//trying to add this item way to late. We only want the first run through to do anything.
//also, we use the context to store whether or not we've attempted an add, as it's thread-safe and
//scoped to the request. An instance of this module can service multiple requests at the same time,
//so we cannot use a member variable.
if (!app.Context.Items.Contains(InstalledKey))
{
//log the install attempt in the HttpContext
//must do this first as several IF statements
//below skip full processing of this method
app.Context.Items.Add(InstalledKey, true);
var settings = RequestFilterSettings.GetSettings();
if ((settings == null || settings.Rules.Count == 0 || !settings.Enabled))
{
return;
}
foreach (var rule in settings.Rules)
{
//Added ability to determine the specific value types for addresses
//this check was necessary so that your rule could deal with IPv4 or IPv6
//To use this mode, add ":IPv4" or ":IPv6" to your servervariable name.
var varArray = rule.ServerVariable.Split(':');
var varVal = request.ServerVariables[varArray[0]];
if (varArray[0].EndsWith("_ADDR", StringComparison.InvariantCultureIgnoreCase) && varArray.Length > 1)
{
switch (varArray[1])
{
case "IPv4":
varVal = NetworkUtils.GetAddress(varVal, AddressType.IPv4);
break;
case "IPv6":
varVal = NetworkUtils.GetAddress(varVal, AddressType.IPv4);
break;
}
}
if ((!string.IsNullOrEmpty(varVal)))
{
if ((rule.Matches(varVal)))
{
rule.Execute();
}
}
}
}
}
