public void Execute(HttpServer.IHttpClientContext context, HttpServer.IHttpRequest request, HttpServer.IHttpResponse response, HttpServer.Sessions.IHttpSession session)
{
var filePath = request.Uri.LocalPath;
// Prevent hacking
filePath = filePath.Replace('/', '\\');
filePath = filePath.Substring(filePath.LastIndexOf('\\'));
if (filePath[0] == '\\')
{
filePath = filePath.Substring(1);
}
response.Connection = HttpServer.ConnectionType.Close;
try
{
var content = TemplateTools.ReadResourceFile(filePath);
response.ContentType = GetMimeTypeByExtension(filePath);
response.ContentLength = content.Length;
response.SendHeaders();
response.SendBody(content);
}
catch
{
response.Reason = "HTTP/1.1 404 Not Found";
response.Send();
}
}
protected override void Dispose(bool disposing)
{
if (!m_resp.HeadersSent)
{
base.Flush();
m_resp.ContentLength = base.BaseStream.Length;
m_resp.Send();
}
base.Dispose(disposing);
}
public bool Process(HttpServer.IHttpRequest aRequest, HttpServer.IHttpResponse aResponse, HttpServer.Sessions.IHttpSession aSession)
{
if (aRequest.Uri.AbsolutePath == "/user/bye/")
{
Host?.Logger.WriteLine($"Accept request for : {aRequest.Uri}");
var writer = new StreamWriter(aResponse.Body);
writer.WriteLine("<library><book>Eu e eu...</book></library>");
writer.Flush();
aResponse.Send();
return(true);
}
return(false);
}
public bool Process(HttpServer.IHttpRequest aRequest, HttpServer.IHttpResponse aResponse, HttpServer.Sessions.IHttpSession aSession)
{
if (aRequest.Uri.AbsolutePath == "/user/hello/")
{
if (Host != null)
{
Host.Logger.WriteLine(String.Format("Accept request for : {0}", aRequest.Uri.ToString()));
}
var writer = new StreamWriter(aResponse.Body);
writer.WriteLine("Olá Malta...");
writer.Flush();
aResponse.Send();
return(true);
}
return(false);
}
/// <summary>
/// Process the received request
/// </summary>
/// <returns>A flag indicating if the request is handled.</returns>
/// <param name="request">The received request.</param>
/// <param name="response">The response object.</param>
/// <param name="session">The session state.</param>
public override bool Process(HttpServer.IHttpRequest request, HttpServer.IHttpResponse response, HttpServer.Sessions.IHttpSession session)
{
string[] h = null;
var hstring = Program.DataConnection.ApplicationSettings.AllowedHostnames;
if (!string.IsNullOrWhiteSpace(hstring))
{
h = m_lastSplitNames;
if (hstring != m_lastAllowed)
{
m_lastAllowed = hstring;
h = m_lastSplitNames = (hstring ?? string.Empty).Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
}
if (h == null || h.Length == 0)
{
h = null;
}
}
// For some reason, the web server strips out the host header
var host = request.Headers["Host"];
if (string.IsNullOrWhiteSpace(host))
{
host = request.Uri.Host;
}
// This should not happen
if (string.IsNullOrWhiteSpace(host))
{
response.Reason = "Invalid request, missing host header";
response.Status = System.Net.HttpStatusCode.Forbidden;
var msg = System.Text.Encoding.ASCII.GetBytes(response.Reason);
response.ContentType = "text/plain";
response.ContentLength = msg.Length;
response.Body.Write(msg, 0, msg.Length);
response.Send();
return(true);
}
// Check the hostnames we always allow
if (Array.IndexOf(DEFAULT_ALLOWED, host) >= 0)
{
return(false);
}
// Then the user specified ones
if (h != null && Array.IndexOf(h, host) >= 0)
{
return(false);
}
// Disable checks if we have an asterisk
if (h != null && Array.IndexOf(h, "*") >= 0)
{
return(false);
}
// Finally, check if we have a potential IP address
var v4 = IPV4.Match(host);
var v6 = IPV6.Match(host);
if ((v4.Success && v4.Length == host.Length) || (v6.Success && v6.Length == host.Length))
{
try
{
// Verify that the hostname is indeed a valid IP address
System.Net.IPAddress.Parse(host);
return(false);
}
catch
{ }
}
// Failed to find a valid header
response.Reason = $"The host header sent by the client is not allowed";
response.Status = System.Net.HttpStatusCode.Forbidden;
var txt = System.Text.Encoding.ASCII.GetBytes(response.Reason);
response.ContentType = "text/plain";
response.ContentLength = txt.Length;
response.Body.Write(txt, 0, txt.Length);
response.Send();
return(true);
}
