private bool CanPerformProfilingAction(object sender)
{
if (GlobalSettings.DebugMode == false)
{
return(false);
}
//will not run in medium trust
if (SystemUtilities.GetCurrentTrustLevel() < AspNetHostingPermissionLevel.High)
{
return(false);
}
var request = TryGetRequest(sender);
if (request.Success == false || request.Result.Url.IsClientSideRequest())
{
return(false);
}
if (string.IsNullOrEmpty(request.Result.QueryString["umbDebug"]))
{
return(true);
}
if (request.Result.Url.IsBackOfficeRequest(HttpRuntime.AppDomainAppVirtualPath))
{
return(true);
}
return(true);
}
// this exists only for legacy reasons - we should just pass the server identity un-hashed
public static string GetCurrentServerHash()
{
if (SystemUtilities.GetCurrentTrustLevel() != System.Web.AspNetHostingPermissionLevel.Unrestricted)
{
throw new NotSupportedException("FullTrust ASP.NET permission level is required.");
}
return(GetServerHash(NetworkHelper.MachineName, System.Web.HttpRuntime.AppDomainAppId));
}
protected void Application_End(object sender, EventArgs e)
{
if (SystemUtilities.GetCurrentTrustLevel() == AspNetHostingPermissionLevel.Unrestricted)
{
LogHelper.Info <UmbracoApplication>("Application shutdown. Reason: " + HostingEnvironment.ShutdownReason);
}
OnApplicationEnd(sender, e);
}
/// <summary>
/// Handle the Init event o fthe UmbracoApplication which allows us to subscribe to the HttpApplication events
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
void UmbracoApplicationApplicationInit(object sender, EventArgs e)
{
var app = sender as HttpApplication;
if (app == null)
{
return;
}
if (SystemUtilities.GetCurrentTrustLevel() < AspNetHostingPermissionLevel.High)
{
//If we don't have a high enough trust level we cannot bind to the events
LogHelper.Info <WebProfiler>("Cannot start the WebProfiler since the application is running in Medium trust");
}
else
{
app.BeginRequest += UmbracoApplicationBeginRequest;
app.EndRequest += UmbracoApplicationEndRequest;
}
}
private bool ShouldProfile(object sender)
{
if (GlobalSettings.DebugMode == false)
{
return(false);
}
//will not run in medium trust
if (SystemUtilities.GetCurrentTrustLevel() < AspNetHostingPermissionLevel.High)
{
return(false);
}
var request = TryGetRequest(sender);
if (request.Success == false || request.Result.Url.IsClientSideRequest())
{
return(false);
}
//if there is an umbDebug query string than profile it
bool umbDebug;
if (string.IsNullOrEmpty(request.Result.QueryString["umbDebug"]) == false && bool.TryParse(request.Result.QueryString["umbDebug"], out umbDebug))
{
return(true);
}
//if there is an umbDebug header than profile it
if (string.IsNullOrEmpty(request.Result.Headers["X-UMB-DEBUG"]) == false && bool.TryParse(request.Result.Headers["X-UMB-DEBUG"], out umbDebug))
{
return(true);
}
//everything else is ok to profile
return(false);
}
public static string MacroContentByHttp(int pageId, Guid pageVersion, Hashtable attributes, IMacroService macroService)
{
// though... we only support FullTrust now?
if (SystemUtilities.GetCurrentTrustLevel() != AspNetHostingPermissionLevel.Unrestricted)
{
return("<span style='color: red'>Cannot render macro content in the rich text editor when the application is running in a Partial Trust environment</span>");
}
var tempAlias = attributes["macroalias"]?.ToString() ?? attributes["macroAlias"].ToString();
var m = macroService.GetByAlias(tempAlias);
if (m == null)
{
return(string.Empty);
}
var macro = new MacroModel(m);
if (macro.RenderInEditor == false)
{
return(ShowNoMacroContent(macro));
}
var querystring = $"umbPageId={pageId}&umbVersionId={pageVersion}";
var ide = attributes.GetEnumerator();
while (ide.MoveNext())
{
querystring += $"&umb_{ide.Key}={HttpContext.Current.Server.UrlEncode((ide.Value ?? String.Empty).ToString())}";
}
// create a new 'HttpWebRequest' object to the mentioned URL.
var useSsl = Current.Configs.Global().UseHttps;
var protocol = useSsl ? "https" : "http";
var currentRequest = HttpContext.Current.Request;
var serverVars = currentRequest.ServerVariables;
var umbracoDir = IOHelper.ResolveUrl(SystemDirectories.Umbraco);
var url = $"{protocol}://{serverVars["SERVER_NAME"]}:{serverVars["SERVER_PORT"]}{umbracoDir}/macroResultWrapper.aspx?{querystring}";
var myHttpWebRequest = (HttpWebRequest)WebRequest.Create(url);
// allows for validation of SSL conversations (to bypass SSL errors in debug mode!)
ServicePointManager.ServerCertificateValidationCallback += ValidateRemoteCertificate;
// propagate the user's context
// TODO: this is the worst thing ever.
// also will not work if people decide to put their own custom auth system in place.
var inCookie = currentRequest.Cookies[Current.Configs.Settings().Security.AuthCookieName];
if (inCookie == null)
{
throw new NullReferenceException("No auth cookie found");
}
var cookie = new Cookie(inCookie.Name, inCookie.Value, inCookie.Path, serverVars["SERVER_NAME"]);
myHttpWebRequest.CookieContainer = new CookieContainer();
myHttpWebRequest.CookieContainer.Add(cookie);
// assign the response object of 'HttpWebRequest' to a 'HttpWebResponse' variable.
HttpWebResponse myHttpWebResponse = null;
var text = string.Empty;
try
{
myHttpWebResponse = (HttpWebResponse)myHttpWebRequest.GetResponse();
if (myHttpWebResponse.StatusCode == HttpStatusCode.OK)
{
var streamResponse = myHttpWebResponse.GetResponseStream();
if (streamResponse == null)
{
throw new Exception("Internal error, no response stream.");
}
var streamRead = new StreamReader(streamResponse);
var readBuff = new char[256];
var count = streamRead.Read(readBuff, 0, 256);
while (count > 0)
{
var outputData = new string(readBuff, 0, count);
text += outputData;
count = streamRead.Read(readBuff, 0, 256);
}
streamResponse.Close();
streamRead.Close();
// find the content of a form
const string grabStart = "<!-- grab start -->";
const string grabEnd = "<!-- grab end -->";
var grabStartPos = text.InvariantIndexOf(grabStart) + grabStart.Length;
var grabEndPos = text.InvariantIndexOf(grabEnd) - grabStartPos;
text = text.Substring(grabStartPos, grabEndPos);
}
else
{
text = ShowNoMacroContent(macro);
}
}
catch (Exception)
{
text = ShowNoMacroContent(macro);
}
finally
{
// release the HttpWebResponse Resource.
myHttpWebResponse?.Close();
}
return(text.Replace("\n", string.Empty).Replace("\r", string.Empty));
}