public HostContext(IDictionary<string, object> environment)
{
Request = new ServerRequest(environment);
Response = new ServerResponse(environment);
Environment = environment;
}
public Task Invoke(IDictionary<string, object> env)
{
var request = new ServerRequest(env);
var response = new Gate.Response(env);
if (!request.Url.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase))
{
var builder = new UriBuilder(request.Url);
builder.Scheme = "https";
if (request.Url.IsDefaultPort)
{
builder.Port = -1;
}
response.SetHeader("Location", builder.ToString());
response.StatusCode = 302;
return TaskAsyncHelper.Empty;
}
else
{
return _next(env);
}
}
public Task Invoke(IDictionary <string, object> environment)
{
var serverRequest = new ServerRequest(environment);
var serverResponse = new ServerResponse(environment);
var hostContext = new HostContext(serverRequest, serverResponse);
// Add CORS support
var origins = serverRequest.RequestHeaders.GetHeaders("Origin");
if (origins != null && origins.Any(origin => !String.IsNullOrEmpty(origin)))
{
serverResponse.ResponseHeaders["Access-Control-Allow-Origin"] = origins;
serverResponse.ResponseHeaders["Access-Control-Allow-Credentials"] = AllowCredentialsTrue;
}
hostContext.Items[HostConstants.SupportsWebSockets] = LazyInitializer.EnsureInitialized(
ref _supportWebSockets,
ref _supportWebSocketsInitialized,
ref _supportWebSocketsLock,
() => environment.SupportsWebSockets());
hostContext.Items[HostConstants.ShutdownToken] = environment.GetShutdownToken();
hostContext.Items[HostConstants.DebugMode] = environment.GetIsDebugEnabled();
serverRequest.DisableRequestBuffering();
serverResponse.DisableResponseBuffering();
_connection.Initialize(_resolver, hostContext);
return(_connection.ProcessRequestAsync(hostContext));
}
public Task Invoke(IDictionary<string, object> environment)
{
var serverRequest = new ServerRequest(environment);
var serverResponse = new ServerResponse(environment);
var hostContext = new HostContext(serverRequest, serverResponse);
// Add CORS support
var origins = serverRequest.RequestHeaders.GetHeaders("Origin");
if (origins != null && origins.Any(origin => !String.IsNullOrEmpty(origin)))
{
serverResponse.ResponseHeaders["Access-Control-Allow-Origin"] = origins;
serverResponse.ResponseHeaders["Access-Control-Allow-Credentials"] = AllowCredentialsTrue;
}
hostContext.Items[HostConstants.SupportsWebSockets] = LazyInitializer.EnsureInitialized(
ref _supportWebSockets,
ref _supportWebSocketsInitialized,
ref _supportWebSocketsLock,
() => environment.SupportsWebSockets());
hostContext.Items[HostConstants.ShutdownToken] = environment.GetShutdownToken();
hostContext.Items[HostConstants.DebugMode] = environment.GetIsDebugEnabled();
serverRequest.DisableRequestBuffering();
serverResponse.DisableResponseBuffering();
_connection.Initialize(_resolver, hostContext);
return _connection.ProcessRequest(hostContext);
}
public Task Invoke(IDictionary<string, object> environment)
{
var serverRequest = new ServerRequest(environment);
var serverResponse = new ServerResponse(environment);
var hostContext = new HostContext(serverRequest, serverResponse);
string origin = serverRequest.RequestHeaders.GetHeader("Origin");
if (_configuration.EnableCrossDomain)
{
// Add CORS response headers support
if (!String.IsNullOrEmpty(origin))
{
serverResponse.ResponseHeaders.SetHeader("Access-Control-Allow-Origin", origin);
serverResponse.ResponseHeaders.SetHeader("Access-Control-Allow-Credentials", "true");
}
}
else
{
string callback = serverRequest.QueryString["callback"];
// If it's a JSONP request and we're not allowing cross domain requests then block it
// If there's an origin header and it's not a same origin request then block it.
if (!String.IsNullOrEmpty(callback) ||
(!String.IsNullOrEmpty(origin) && !IsSameOrigin(serverRequest.Url, origin)))
{
return EndResponse(environment, 403, "Forbidden");
}
}
// Add the nosniff header for all responses to prevent IE from trying to sniff mime type from contents
serverResponse.ResponseHeaders.SetHeader("X-Content-Type-Options", "nosniff");
hostContext.Items[HostConstants.SupportsWebSockets] = LazyInitializer.EnsureInitialized(
ref _supportWebSockets,
ref _supportWebSocketsInitialized,
ref _supportWebSocketsLock,
() => environment.SupportsWebSockets());
hostContext.Items[HostConstants.ShutdownToken] = environment.GetShutdownToken();
hostContext.Items[HostConstants.DebugMode] = environment.GetIsDebugEnabled();
serverRequest.DisableRequestCompression();
serverResponse.DisableResponseBuffering();
_connection.Initialize(_configuration.Resolver, hostContext);
if (!_connection.Authorize(serverRequest))
{
// If we failed to authorize the request then return a 403 since the request
// can't do anything
return EndResponse(environment, 403, "Forbidden");
}
else
{
return _connection.ProcessRequest(hostContext);
}
}
public Task Invoke(IDictionary <string, object> environment)
{
var serverRequest = new ServerRequest(environment);
var serverResponse = new ServerResponse(environment);
var hostContext = new HostContext(serverRequest, serverResponse);
string origin = serverRequest.RequestHeaders.GetHeader("Origin");
if (_configuration.EnableCrossDomain)
{
// Add CORS response headers support
if (!String.IsNullOrEmpty(origin))
{
serverResponse.ResponseHeaders.SetHeader("Access-Control-Allow-Origin", origin);
serverResponse.ResponseHeaders.SetHeader("Access-Control-Allow-Credentials", "true");
}
}
else
{
string callback = serverRequest.QueryString["callback"];
// If it's a JSONP request and we're not allowing cross domain requests then block it
// If there's an origin header and it's not a same origin request then block it.
if (!String.IsNullOrEmpty(callback) ||
(!String.IsNullOrEmpty(origin) && !IsSameOrigin(serverRequest.Url, origin)))
{
return(EndResponse(environment, 403, Resources.Forbidden_CrossDomainIsDisabled));
}
}
// Add the nosniff header for all responses to prevent IE from trying to sniff mime type from contents
serverResponse.ResponseHeaders.SetHeader("X-Content-Type-Options", "nosniff");
// REVIEW: Performance
hostContext.Items[HostConstants.SupportsWebSockets] = environment.SupportsWebSockets();
hostContext.Items[HostConstants.ShutdownToken] = environment.GetShutdownToken();
hostContext.Items[HostConstants.DebugMode] = environment.GetIsDebugEnabled();
serverRequest.DisableRequestCompression();
serverResponse.DisableResponseBuffering();
_connection.Initialize(_configuration.Resolver, hostContext);
if (!_connection.Authorize(serverRequest))
{
// If we failed to authorize the request then return a 403 since the request
// can't do anything
return(EndResponse(environment, 403, "Forbidden"));
}
else
{
return(_connection.ProcessRequest(hostContext));
}
}
public void DomainForHostHeaderAndPort()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "https";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
var headers = new Dictionary<string, string[]>();
headers["Host"] = new[] { "www.foo.com:356" };
env[OwinConstants.RequestHeaders] = headers;
var request = new ServerRequest(env);
Assert.Equal("www.foo.com", request.Url.Host);
Assert.Equal(356, request.Url.Port);
}
public void HostWithoutPortUsesDefaultHttpsPort()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "https";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
env[OwinConstants.LocalPort] = "34";
var headers = new Dictionary<string, string[]>();
headers["Host"] = new[] { "www.foo.com" };
env[OwinConstants.RequestHeaders] = headers;
var request = new ServerRequest(env);
Assert.Equal("www.foo.com", request.Url.Host);
Assert.Equal(443, request.Url.Port);
}
public void NoHostHeaderUsesIPAddress()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "http";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
env[OwinConstants.RequestQueryString] = String.Empty;
var headers = new Dictionary<string, string[]>();
env[OwinConstants.RequestHeaders] = headers;
env[OwinConstants.LocalIpAddress] = "someip";
var request = new ServerRequest(env);
Assert.Equal("someip", request.Url.Host);
Assert.Equal(80, request.Url.Port);
}
public void NoPortReturnsDefaultHttpPort()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "http";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
env[OwinConstants.RequestQueryString] = String.Empty;
var headers = new Dictionary<string, string[]>();
headers["Host"] = new[] { "www.foo.com" };
env[OwinConstants.RequestHeaders] = headers;
var request = new ServerRequest(env);
Assert.Equal("www.foo.com", request.Url.Host);
Assert.Equal(80, request.Url.Port);
}
public void UsesLocalPortIfHostHeaderMissing()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "https";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
env[OwinConstants.RequestQueryString] = String.Empty;
env[OwinConstants.LocalPort] = "12345";
env[OwinConstants.LocalIpAddress] = "192.168.1.1";
var headers = new Dictionary<string, string[]>();
env[OwinConstants.RequestHeaders] = headers;
var request = new ServerRequest(env);
Assert.Equal("192.168.1.1", request.Url.Host);
Assert.Equal(12345, request.Url.Port);
}
public void IPv4AddressForHostHeader()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "http";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
var headers = new Dictionary<string, string[]>();
headers["Host"] = new[] { "192.168.1.1" };
env[OwinConstants.RequestHeaders] = headers;
var request = new ServerRequest(env);
Assert.Equal("192.168.1.1", request.Url.Host);
Assert.Equal(80, request.Url.Port);
}
public void NotAWebSocketRequestThrowsSynchronously()
{
var env = new Dictionary<string, object>();
var request = new ServerRequest(env);
Assert.Throws<InvalidOperationException>(() => request.AcceptWebSocketRequest(socket => TaskAsyncHelper.Empty));
}
public void NoHostOrIpAddressUsesLoopback()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "https";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
var headers = new Dictionary<string, string[]>();
env[OwinConstants.RequestHeaders] = headers;
var request = new ServerRequest(env);
Assert.Equal(IPAddress.Loopback.ToString(), request.Url.Host);
Assert.Equal(443, request.Url.Port);
}
public void IPv6AddressForHostHeaderAndPort()
{
var env = new Dictionary<string, object>();
env[OwinConstants.RequestScheme] = "http";
env[OwinConstants.RequestPathBase] = String.Empty;
env[OwinConstants.RequestPath] = String.Empty;
var headers = new Dictionary<string, string[]>();
headers["Host"] = new[] { "[FEDC:BA98:7654:3210:FEDC:BA98:7654:3210]:1234" };
env[OwinConstants.RequestHeaders] = headers;
var request = new ServerRequest(env);
Assert.Equal("[fedc:ba98:7654:3210:fedc:ba98:7654:3210]", request.Url.Host.ToLowerInvariant());
Assert.Equal(1234, request.Url.Port);
}