public async Task <ActionResult> Get()
{
string path = HttpUtility.UrlDecode(Request.GetRelativePath())
.ToLowerInvariant();
if (path.StartsWith("http:/"))
{
path = "http://" + path.SubstringAfter("http:/");
Response.Redirect(path, true);
}
else if (path.StartsWith("https:/"))
{
path = "https://" + path.SubstringAfter("https:/");
Response.Redirect(path, true);
}
else if (path.StartsWith("ftp:/"))
{
path = "ftp://" + path.SubstringAfter("ftp:/");
Response.Redirect(path, true);
}
//if it is going to ICE images, use a different system, get image content from resource
if (path.ToLowerInvariant().EndsWith("images/_ice_/play.png"))
{
string ext = Path.GetExtension(path);
//string mimeType = MIMEAssisant.GetMIMEType("png");
string mimeType = MIMEAssistant.GetMIMEType("png");
var image = Properties.Resources.play;
MemoryStream ms = new MemoryStream();
image.Save(ms, System.Drawing.Imaging.ImageFormat.Png);
ms.Position = 0;
return(File(ms, mimeType));
}
else
{
path = path.ToLowerInvariant().TrimStart('/');
Regex trimRE = new Regex(@"^((images|documents|media)\/)?assets\/");
if (trimRE.IsMatch(path))
{
path = path.SubstringAfter("assets/");
}
if (isPreviewRequest)
{
// Pull the "assets" off the from of the path for preview. Publish puts it in 'assets'
path = (path.StartsWith("assets/") ? path.SubstringAfter("assets/") : path.TrimStart('/'));
using (var session = _ContentStore.OpenReadSession(_CurrentUser))
{
IAsset asset = session.Site.AssetByPath(path);
FileInfo file;
if (asset != null)
{
file = asset.File();
}
else
{
IUnmanagedAsset unmanaged = session.UnmanagedAssetManager.UnmanagedAsset(path);
if (unmanaged != null)
{
file = unmanaged.FileInfo;
}
else
{
throw new HttpException(404, string.Format("Asset for Preview {0} is missing.", path));
}
}
string mime = MimeMapping.GetMimeMapping(file.FullName);
return(new RangeFilePathResult(mime, file.FullName, file.LastWriteTimeUtc, file.Length));
//return base.File(file.FullName, mime);
}
}
//else
//{
// path = "assets/" + (path.StartsWith("assets/") ? path.SubstringAfter("assets/") : path.TrimStart('/'));
//}
string assetPath = Path.Combine(AssetBasePath, path.TrimStart('/').Replace("/", @"\"));
assetPath = Uri.UnescapeDataString(assetPath);
//if (!path.ToLowerInvariant().StartsWith("assets/") && !System.IO.File.Exists(assetPath))
//{
// path = "assets\\" + path.TrimStart('/').Replace("/", @"\");
// assetPath = Path.Combine(AssetBasePath, path);
//}
Assets.AssetFactory map = Assets.AssetFactory.Get(CmsRoute.GetSitePath());
Assets.IAsset assetMapEntry = map.GetAssetByPath(path);
if (assetMapEntry != null)
{
var assetId = assetMapEntry.AssetId;
Assets.AssetTree tree = Assets.AssetTree.Get(CmsRoute.GetSitePath());
var assetTreeEntry = tree.GetNode(assetId);
if (assetTreeEntry != null && !assetTreeEntry.Valid())
{
throw new HttpException(404, string.Format("Asset {0} is invalid.", assetPath));
}
assetPath = assetMapEntry.FilePath;
if (assetMapEntry.IsExternal)
{
Response.Redirect(assetPath);
}
}
else
{
throw new HttpException(404, string.Format("Asset {0} is invalid.", assetPath));
}
//block any access in settings folder
string settingsFolder = Path.Combine(AssetBasePath, "settings").ToLowerInvariant() + @"\";
if (assetPath.ToLowerInvariant().StartsWith(settingsFolder))
{
throw new HttpException((int)AssetRequestState.Forbidden, Ingeniux.Runtime.Properties.Resources.AccessToDynamicSiteServerMetaDataIsForbidd);
}
if (!System.IO.File.Exists(assetPath))
{
path = path.Replace("\\", "/");
if (path.StartsWith("assets/"))
{
path = "/" + path.SubstringAfter("assets/");
}
var urlmap = Runtime.StructureUrlMap.Get(CmsRoute.GetSitePath());
var urlmapEntry = urlmap.GetPageDataByPath(path);
if (urlmapEntry != null)
{
CMSPageDefaultController pageController = initPageController();
return(pageController.Index());
}
else
{
throw new HttpException(404, Ingeniux.Runtime.Properties.Resources.AssetDoesnTExist);
}
}
DateTime lastWriteTime = System.IO.File.GetLastWriteTime(assetPath);
if (!changed(lastWriteTime))
{
return(new HttpStatusCodeResult(304));
}
string ext = Path.GetExtension(assetPath).TrimStart('.');
string mimeType = MIMEAssistant.GetMIMEType(ext);
bool isAttachment = path.StartsWith("documents/") || mimeType == MIMEAssistant.DEFAULT_MIME_TYPE;
//if (isAttachment)
// Response.AddHeader("Content-Disposition", "attachment");
string thisUrl = Request.Url.AbsoluteUri;
if (!isPreviewRequest)
{
//if (Authman.IsForbiddenAsset(path) || Authman.IsProtectedAsset(path) || isAttachment)
//{
// setNoCache();
//}
//else
//{
// Response.Cache.SetCacheability(HttpCacheability.ServerAndPrivate);
// //Response.Cache.SetExpires(DateTime.MaxValue);
// Response.CacheControl = "private";
// Response.Cache.SetLastModified(System.IO.File.GetLastWriteTime(assetPath));
//}
//when runtime request, check protected and forbidden folder
AssetRequestState stateCheck = Authman.CheckAssetAccessiblility(path, Request);
if (stateCheck == AssetRequestState.Forbidden)
{
string forbiddenResponsePagePath = AuthenticationManager.Settings.ForbiddenFoldersResponsePage;
//path is blocked, go to forbidden response page
if (!string.IsNullOrWhiteSpace(forbiddenResponsePagePath))
{
if (!forbiddenResponsePagePath.EndsWith(".xml") || !forbiddenResponsePagePath.SubstringBefore(".", false, true).IsXId())
{
string fullRedirPath = forbiddenResponsePagePath.ToAbsoluteUrl();
fullRedirPath += fullRedirPath.Contains("?") ? "&" : "?";
fullRedirPath += "blockedPath=" + HttpUtility.UrlEncode(HttpUtility.UrlEncode(thisUrl));
return(Redirect(fullRedirPath));
}
else
{
//if the setting is standar xid.xml, then use more friendly path rewrite
return(rewriteToCmsPath(
forbiddenResponsePagePath.SubstringBefore(".", false, true),
new Dictionary <string, string> {
{ "blockedPath", thisUrl }
}));
}
}
else
{
throw new HttpException((int)stateCheck, Ingeniux.Runtime.Properties.Resources.AccessToAssetIsForbidden);
}
}
if (stateCheck == AssetRequestState.Unauthorized)
{
string loginPagePath = Authman.LoginPath;
if (!string.IsNullOrWhiteSpace(loginPagePath))
{
string loginPathUrl = loginPagePath.ToAbsoluteUrl();
loginPathUrl += loginPathUrl.Contains("?") ? "&" : "?";
loginPathUrl += AuthenticationManager.Settings.RedirectionQueryStringName + "=" + Uri.EscapeDataString(Uri.EscapeDataString(thisUrl));
return(RedirectPermanent(loginPathUrl));
}
else
{
throw new HttpException((int)stateCheck, Ingeniux.Runtime.Properties.Resources.AccessToAssetIsNotAuthorized);
}
}
//use download manager if is protected asset, this way we can use the download page
if (!string.IsNullOrWhiteSpace(AuthenticationManager.Settings.BinaryDownloadPage) && Authman.IsProtectedAsset(path))
{
DownloadManager downloadsMan = Authman.DownloadsManager;
string downloadPageId;
Dictionary <string, string> queryStrings = new Dictionary <string, string>();
bool presentDownloadPage = downloadsMan.ProcessProtectedDownload(Request.RequestContext.HttpContext,
out queryStrings, out downloadPageId);
if (presentDownloadPage)
{
//Response.AddHeader("Content-Disposition", "attachment");
//return File(assetPath, mimeType);
return(rewriteToCmsPath(downloadPageId, queryStrings));
}
//return rewriteToCmsPath(downloadPageId, queryStrings);
}
}
setCacheResponses(ext, mimeType, path);
var forceDownloadDocuments = ConfigurationManager.AppSettings["ForceDownloadDocuments"] != null ?
ConfigurationManager.AppSettings["ForceDownloadDocuments"].ToBoolean() : true;
var bypassDownloadDocTypes = ConfigurationManager.AppSettings["DocumentExtBypassDownload"] != null ?
ConfigurationManager.AppSettings["DocumentExtBypassDownload"].Split(';') : new string[] { "" };
if (isAttachment && (forceDownloadDocuments && !bypassDownloadDocTypes.Contains(ext)))
{
Response.AddHeader("Content-Disposition", "attachment");
}
FileInfo assetInfo = new FileInfo(assetPath);
if (assetInfo.Length == 0)
{
return(File(assetPath, mimeType));
}
try
{
return(new RangeFilePathResult(mimeType, assetInfo.FullName, assetInfo.LastWriteTimeUtc, assetInfo.Length));
//return File(assetPath, mimeType);
}
catch (Exception e)
{
return(File(assetPath, mimeType));
}
}
}
public async Task <ActionResult> Get()
{
string path = HttpUtility.UrlDecode(Request.GetRelativePath())
.ToLowerInvariant();
//if it is going to ICE images, use a different system, get image content from resource
if (path.ToLowerInvariant().EndsWith("images/_ice_/play.png"))
{
string ext = Path.GetExtension(path);
//string mimeType = MIMEAssisant.GetMIMEType("png");
string mimeType = MIMEAssistant.GetMIMEType("png");
var image = Properties.Resources.play;
MemoryStream ms = new MemoryStream();
image.Save(ms, System.Drawing.Imaging.ImageFormat.Png);
ms.Position = 0;
return(File(ms, mimeType));
}
else
{
path = path.Contains("assets/") ? path.SubstringAfter("assets/") : path.TrimStart('/');
string assetPath = Path.Combine(AssetBasePath, path.TrimStart('/').Replace("/", @"\"));
//block any access in settings folder
string settingsFolder = Path.Combine(AssetBasePath, "settings").ToLowerInvariant() + @"\";
if (assetPath.ToLowerInvariant().StartsWith(settingsFolder))
{
throw new HttpException((int)AssetRequestState.Forbidden, Ingeniux.Runtime.Properties.Resources.AccessToDynamicSiteServerMetaDataIsForbidd);
}
if (!System.IO.File.Exists(assetPath))
{
throw new HttpException(404, Ingeniux.Runtime.Properties.Resources.AssetDoesnTExist);
}
DateTime lastWriteTime = System.IO.File.GetLastWriteTime(assetPath);
if (!changed(lastWriteTime))
{
return(new HttpStatusCodeResult(304));
}
string ext = Path.GetExtension(assetPath).TrimStart('.');
string mimeType = MIMEAssistant.GetMIMEType(ext);
bool isAttachment = path.StartsWith("documents/") || mimeType == MIMEAssistant.DEFAULT_MIME_TYPE;
//if (isAttachment && !Authman.IsProtectedAsset(path))
// Response.AddHeader("Content-Disposition", "attachment");
string thisUrl = Request.Url.AbsoluteUri;
if (!isPreviewRequest)
{
//if (Authman.IsForbiddenAsset(path) || Authman.IsProtectedAsset(path) || isAttachment)
//{
// setNoCache();
//}
//else
//{
// Response.Cache.SetCacheability(HttpCacheability.ServerAndPrivate);
// //Response.Cache.SetExpires(DateTime.MaxValue);
// Response.CacheControl = "private";
// Response.Cache.SetLastModified(System.IO.File.GetLastWriteTime(assetPath));
//}
//when runtime request, check protected and forbidden folder
AssetRequestState stateCheck = Authman.CheckAssetAccessiblility(path, Request);
if (stateCheck == AssetRequestState.Forbidden)
{
string forbiddenResponsePagePath = AuthenticationManager.Settings.ForbiddenFoldersResponsePage;
//path is blocked, go to forbidden response page
if (!string.IsNullOrWhiteSpace(forbiddenResponsePagePath))
{
if (!forbiddenResponsePagePath.EndsWith(".xml") || !forbiddenResponsePagePath.SubstringBefore(".", false, true).IsXId())
{
string fullRedirPath = forbiddenResponsePagePath.ToAbsoluteUrl();
fullRedirPath += fullRedirPath.Contains("?") ? "&" : "?";
fullRedirPath += "blockedPath=" + HttpUtility.UrlEncode(HttpUtility.UrlEncode(thisUrl));
return(Redirect(fullRedirPath));
}
else
{
//if the setting is standar xid.xml, then use more friendly path rewrite
return(rewriteToCmsPath(
forbiddenResponsePagePath.SubstringBefore(".", false, true),
new Dictionary <string, string> {
{ "blockedPath", thisUrl }
}));
}
}
else
{
throw new HttpException((int)stateCheck, Ingeniux.Runtime.Properties.Resources.AccessToAssetIsForbidden);
}
}
if (stateCheck == AssetRequestState.Unauthorized)
{
string loginPagePath = Authman.LoginPath;
if (!string.IsNullOrWhiteSpace(loginPagePath))
{
string loginPathUrl = loginPagePath.ToAbsoluteUrl();
loginPathUrl += loginPathUrl.Contains("?") ? "&" : "?";
loginPathUrl += AuthenticationManager.Settings.RedirectionQueryStringName + "=" + Uri.EscapeDataString(Uri.EscapeDataString(thisUrl));
return(RedirectPermanent(loginPathUrl));
}
else
{
throw new HttpException((int)stateCheck, Ingeniux.Runtime.Properties.Resources.AccessToAssetIsNotAuthorized);
}
}
//use download manager if is protected asset, this way we can use the download page
if (!string.IsNullOrWhiteSpace(AuthenticationManager.Settings.BinaryDownloadPage) && Authman.IsProtectedAsset(path))
{
DownloadManager downloadsMan = Authman.DownloadsManager;
string downloadPageId;
Dictionary <string, string> queryStrings = new Dictionary <string, string>();
bool presentDownloadPage = downloadsMan.ProcessProtectedDownload(Request.RequestContext.HttpContext,
out queryStrings, out downloadPageId);
if (presentDownloadPage)
{
//Response.AddHeader("Content-Disposition", "attachment");
//return File(assetPath, mimeType);
return(rewriteToCmsPath(downloadPageId, queryStrings));
}
//return rewriteToCmsPath(downloadPageId, queryStrings);
}
}
setCacheResponses(ext, mimeType, path);
var forceDownloadDocuments = ConfigurationManager.AppSettings["ForceDownloadDocuments"] != null ?
ConfigurationManager.AppSettings["ForceDownloadDocuments"].ToBoolean() : true;
var bypassDownloadDocTypes = ConfigurationManager.AppSettings["DocumentExtBypassDownload"] != null ?
ConfigurationManager.AppSettings["DocumentExtBypassDownload"].Split(';') : new string[] { "" };
if (isAttachment && (forceDownloadDocuments && !bypassDownloadDocTypes.Contains(ext)))
{
Response.AddHeader("Content-Disposition", "attachment");
}
FileInfo assetInfo = new FileInfo(assetPath);
return(new RangeFilePathResult(mimeType, assetInfo.FullName, assetInfo.LastWriteTimeUtc, assetInfo.Length));
}
}
public ActionResult Get()
{
string path = HttpUtility.UrlDecode(Request.GetRelativePath());
//if it is going to ICE images, use a different system, get image content from resource
if (path.ToLowerInvariant().EndsWith("images/_ice_/play.png"))
{
string mimeType = MIMEAssistant.GetMIMEType("png");
var image = Properties.Resources.play;
MemoryStream ms = new MemoryStream();
image.Save(ms, System.Drawing.Imaging.ImageFormat.Png);
ms.Position = 0;
return(File(ms, mimeType));
}
else if (path.Contains("swapandsellimgs/"))
{
string ext = Path.GetExtension(path);
string mimeType = MIMEAssistant.GetMIMEType(ext);
string filePath = Path.Combine(Server.MapPath("~/App_Data/"), path.TrimStart('/'));
if (!System.IO.File.Exists(filePath))
{
throw new HttpException(404, Ingeniux.Runtime.Properties.Resources.AssetDoesnTExist);
}
return(File(filePath, mimeType));
}
else
{
path = path.Contains("assets/") ? path.SubstringAfter("assets/") : path;
string assetPath = Path.Combine(AssetBasePath, path.TrimStart('/').Replace("/", @"\"));
if (!System.IO.File.Exists(assetPath))
{
throw new HttpException(404, Ingeniux.Runtime.Properties.Resources.AssetDoesnTExist);
}
DateTime lastWriteTime = System.IO.File.GetLastWriteTime(assetPath);
if (!changed(lastWriteTime))
{
return(new HttpStatusCodeResult(304));
}
string ext = Path.GetExtension(assetPath).TrimStart('.');
string mimeType = MIMEAssistant.GetMIMEType(ext);
if (path.StartsWith("documents/") || mimeType == MIMEAssistant.DEFAULT_MIME_TYPE)
{
Response.AddHeader("Content-Disposition", "attachment");
}
string thisUrl = Request.Url.AbsoluteUri;
if (!isPreviewRequest)
{
if (Authman.IsForbiddenAsset(path) || Authman.IsProtectedAsset(path))
{
setNoCache();
}
else
{
Response.Cache.SetCacheability(HttpCacheability.Public);
Response.Cache.SetExpires(DateTime.MaxValue);
Response.CacheControl = "public";
Response.Cache.SetLastModified(System.IO.File.GetLastWriteTime(assetPath));
}
//when runtime request, check protected and forbidden folder
AssetRequestState stateCheck = Authman.CheckAssetAccessiblility(path, Request);
if (stateCheck == AssetRequestState.Forbidden)
{
string forbiddenResponsePagePath = AuthenticationManager.Settings.ForbiddenFoldersResponsePage;
//path is blocked, go to forbidden response page
if (!string.IsNullOrWhiteSpace(forbiddenResponsePagePath))
{
if (!forbiddenResponsePagePath.EndsWith(".xml") || !forbiddenResponsePagePath.SubstringBefore(".", false, true).IsXId())
{
string fullRedirPath = forbiddenResponsePagePath.ToAbsoluteUrl();
fullRedirPath += fullRedirPath.Contains("?") ? "&" : "?";
fullRedirPath += "blockedPath=" + HttpUtility.UrlEncode(HttpUtility.UrlEncode(thisUrl));
return(Redirect(fullRedirPath));
}
else
{
//if the setting is standar xid.xml, then use more friendly path rewrite
return(rewriteToCmsPath(
forbiddenResponsePagePath.SubstringBefore(".", false, true),
new Dictionary <string, string> {
{ "blockedPath", thisUrl }
}));
}
}
else
{
throw new HttpException((int)stateCheck, Ingeniux.Runtime.Properties.Resources.AccessToAssetIsForbidden);
}
}
if (stateCheck == AssetRequestState.Unauthorized)
{
string loginPagePath = Authman.LoginPath;
if (!string.IsNullOrWhiteSpace(loginPagePath))
{
string loginPathUrl = loginPagePath.ToAbsoluteUrl();
loginPathUrl += loginPathUrl.Contains("?") ? "&" : "?";
loginPathUrl += AuthenticationManager.Settings.RedirectionQueryStringName + "=" + Uri.EscapeDataString(Uri.EscapeDataString(thisUrl));
return(RedirectPermanent(loginPathUrl));
}
else
{
throw new HttpException((int)stateCheck, Ingeniux.Runtime.Properties.Resources.AccessToAssetIsNotAuthorized);
}
}
//use download manager if is protected asset, this way we can use the download page
if (!string.IsNullOrWhiteSpace(AuthenticationManager.Settings.BinaryDownloadPage) && Authman.IsProtectedAsset(path))
{
DownloadManager downloadsMan = Authman.DownloadsManager;
string downloadPageId;
Dictionary <string, string> queryStrings = new Dictionary <string, string>();
bool presentDownloadPage = downloadsMan.ProcessProtectedDownload(Request.RequestContext.HttpContext,
out queryStrings, out downloadPageId);
if (!presentDownloadPage)
{
Response.AddHeader("Content-Disposition", "attachment");
return(File(assetPath, mimeType));
}
return(rewriteToCmsPath(downloadPageId, queryStrings));
}
}
return(File(assetPath, mimeType));
}
}