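        /// <summary>
        /// Handles Expect-CT violation report requests; every other request is passed to the next middleware.
        /// </summary>
        /// <remarks>
        /// Report endpoints are called by browsers without authentication, so the request body is
        /// untrusted input. A body that cannot be parsed is answered with 400 instead of letting the
        /// parser exception escape the pipeline. A parsed report is handed to
        /// <see cref="ISecurityHeadersReportingService"/> and the request is answered with 204.
        /// </remarks>
        /// <param name="context">The context.</param>
        /// <returns>The task object representing the asynchronous operation.</returns>
        public async Task Invoke(HttpContext context)
        {
            if (!IsExpectCtReportRequest(context.Request))
            {
                await _next(context);
                return;
            }

            ExpectCtViolationReport report;

            try
            {
                // NOTE(review): JsonTextReader pulls from the request stream with synchronous reads.
                // Hosts that disallow synchronous IO on the request body will throw here - confirm
                // the hosting configuration.
                // NOTE(review): no size limit is applied in this method; the read is bounded only by
                // whatever request-body limit the server enforces - confirm one is configured.
                using (StreamReader requestBodyReader = new StreamReader(context.Request.Body))
                using (JsonReader requestBodyJsonReader = new JsonTextReader(requestBodyReader))
                {
                    JsonSerializer serializer = new JsonSerializer();
                    serializer.Converters.Add(new ExpectCtViolationReportJsonConverter());
                    serializer.DateFormatHandling = DateFormatHandling.IsoDateFormat;

                    report = serializer.Deserialize<ExpectCtViolationReport>(requestBodyJsonReader);
                }
            }
            catch (JsonException)
            {
                // Malformed or wrongly typed JSON from the client is a client error, not a server fault.
                context.Response.StatusCode = StatusCodes.Status400BadRequest;
                return;
            }

            if (report != null)
            {
                ISecurityHeadersReportingService securityHeadersReportingService = context.RequestServices.GetRequiredService<ISecurityHeadersReportingService>();

                // Every field of the report comes from the client; the reporting service should
                // encode or validate the values before logging or storing them.
                await securityHeadersReportingService.OnExpectCtViolationAsync(report);
            }

            // 204 is returned whether or not the body contained a report.
            context.Response.StatusCode = StatusCodes.Status204NoContent;
        }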
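        /// <summary>
        /// Reads an Expect-CT violation report from the object stored under the "expect-ct-report" property.
        /// </summary>
        /// <remarks>
        /// The whole enclosing object is consumed, so the reader is left on its closing token rather
        /// than in the middle of the document. Only the first "expect-ct-report" object is used;
        /// any later one is skipped. Field values are copied as received, without range or length
        /// checks, so callers must treat them as untrusted.
        /// </remarks>
        /// <param name="reader">The reader, expected to be positioned on the start of the enclosing object.</param>
        /// <param name="objectType">Not used.</param>
        /// <param name="existingValue">Not used.</param>
        /// <param name="serializer">Not used.</param>
        /// <returns>
        /// The report, or <c>null</c> when the reader is not on an object start or no
        /// "expect-ct-report" object is present.
        /// </returns>
        public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
        {
            ExpectCtViolationReport value = null;

            if (reader.TokenType == JsonToken.StartObject)
            {
                // Keep reading after the report has been found so the enclosing object is fully consumed.
                while (reader.Read() && (reader.TokenType != JsonToken.EndObject))
                {
                    bool isReportProperty = (value == null)
                        && (reader.TokenType == JsonToken.PropertyName)
                        && ((reader.Value as string) == "expect-ct-report");

                    if (!isReportProperty)
                    {
                        // On a property name, Skip() moves past the property's value as well.
                        reader.Skip();
                        continue;
                    }

                    if (reader.Read() && (reader.TokenType == JsonToken.StartObject))
                    {
                        value = ReadReportObject(reader);
                    }
                    else
                    {
                        // The property holds something other than an object: step over it as a whole
                        // so its children are not mistaken for properties of the enclosing object.
                        reader.Skip();
                    }
                }
            }

            return value;
        }

        // Reads the report's properties; the reader starts on the report's StartObject token and ends on its EndObject token.
        private static ExpectCtViolationReport ReadReportObject(JsonReader reader)
        {
            ExpectCtViolationReport report = new ExpectCtViolationReport();

            while (reader.Read() && (reader.TokenType != JsonToken.EndObject))
            {
                if (reader.TokenType != JsonToken.PropertyName)
                {
                    continue;
                }

                switch (reader.Value as string)
                {
                    case "date-time":
                        // A JSON null is stored as DateTime.MinValue.
                        report.FailureDate = reader.ReadAsDateTime() ?? DateTime.MinValue;
                        break;

                    case "hostname":
                        report.Hostname = reader.ReadAsString();
                        break;

                    case "port":
                        // A JSON null is stored as -1; the value is not range-checked here.
                        report.Port = reader.ReadAsInt32() ?? -1;
                        break;

                    case "effective-expiration-date":
                        report.EffectiveExpirationDate = reader.ReadAsDateTime() ?? DateTime.MinValue;
                        break;

                    default:
                        // Properties this converter does not map are stepped over, nested values included.
                        reader.Skip();
                        break;
                }
            }

            return report;
        }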