private static void AddHeaderIfNotNull(IHttpHeader contentEncodingHeader, HttpServerResponse newResponse)
{
if (contentEncodingHeader != null)
{
newResponse.AddHeader(contentEncodingHeader);
}
}
private async Task <HttpServerResponse> AddContentEncodingAsync(HttpServerResponse httpResponse, IEnumerable <string> acceptEncodings)
{
var contentEncoder = _contentEncoderFactory.GetEncoder(acceptEncodings);
var encodedContent = await contentEncoder.Encode(httpResponse.Content);
var newResponse = new HttpServerResponse(httpResponse.HttpVersion, httpResponse.ResponseStatus);
foreach (var header in httpResponse.Headers)
{
newResponse.AddHeader(header);
}
newResponse.Content = encodedContent;
newResponse.AddHeader(new ContentLengthHeader(encodedContent?.Length ?? 0));
var contentEncodingHeader = contentEncoder.ContentEncodingHeader;
AddHeaderIfNotNull(contentEncodingHeader, newResponse);
return(newResponse);
}
public AfterHandleRequestResult AfterHandleRequest(IHttpServerRequest request, HttpServerResponse httpResponse)
{
string origin;
if (!TryGetAllowOrigin(request.Origin, out origin))
{
return(null);
}
httpResponse.AddHeader(new AccessControlAllowOriginHeader(origin));
return(new AfterHandleRequestResult(httpResponse));
}
private static void HttpPostSet(HttpServerResponse resp, HttpServerRequest req)
{
FormParameters Parameters = req.Data as FormParameters;
if (Parameters == null)
{
throw new HttpException(HttpStatusCode.ClientError_BadRequest);
}
int i;
bool b;
for (i = 0; i < 8; i++)
{
if (XmlUtilities.TryParseBoolean(Parameters ["do" + (i + 1).ToString()], out b) && b)
{
digitalOutputs [i].High();
state.SetDO(i + 1, true);
}
else
{
digitalOutputs [i].Low(); // Unchecked checkboxes are not reported back to the server.
state.SetDO(i + 1, false);
}
}
if (XmlUtilities.TryParseBoolean(Parameters ["alarm"], out b) && b)
{
AlarmOn();
state.Alarm = true;
}
else
{
AlarmOff();
state.Alarm = false;
}
state.UpdateIfModified();
resp.ReturnCode = HttpStatusCode.Redirection_SeeOther;
resp.AddHeader("Location", "/set");
resp.SendResponse();
// PRG pattern, to avoid problems with post back warnings in the browser: http://en.wikipedia.org/wiki/Post/Redirect/Get
}
private static void HttpPostRoot(HttpServerResponse resp, HttpServerRequest req)
{
networkLed.High();
try
{
FormParameters Parameters = req.Data as FormParameters;
if (Parameters == null)
{
throw new HttpException(HttpStatusCode.ClientError_BadRequest);
}
string UserName = Parameters ["UserName"];
string Password = Parameters ["Password"];
string Hash;
object AuthorizationObject;
GetDigestUserPasswordHash(UserName, out Hash, out AuthorizationObject);
if (AuthorizationObject == null || Hash != CalcHash(UserName, Password))
{
resp.ContentType = "text/html";
resp.Encoding = System.Text.Encoding.UTF8;
resp.ReturnCode = HttpStatusCode.Successful_OK;
Log.Warning("Invalid login attempt.", EventLevel.Minor, UserName, req.ClientAddress);
OutputLoginForm(resp, "<p>The login was incorrect. Either the user name or the password was incorrect. Please try again.</p>");
}
else
{
Log.Information("User logged in.", EventLevel.Minor, UserName, req.ClientAddress);
string SessionId = CreateSessionId(UserName);
resp.SetCookie("SessionId", SessionId, "/");
resp.ReturnCode = HttpStatusCode.Redirection_SeeOther;
resp.AddHeader("Location", "/");
resp.SendResponse();
// PRG pattern, to avoid problems with post back warnings in the browser: http://en.wikipedia.org/wiki/Post/Redirect/Get
}
} finally
{
networkLed.Low();
}
}
private static void HttpPostCredentials(HttpServerResponse resp, HttpServerRequest req)
{
string SessionId = req.Header.GetCookie("SessionId");
if (!CheckSession(SessionId))
{
throw new HttpTemporaryRedirectException("/");
}
FormParameters Parameters = req.Data as FormParameters;
if (Parameters == null)
{
throw new HttpException(HttpStatusCode.ClientError_BadRequest);
}
resp.ContentType = "text/html";
resp.Encoding = System.Text.Encoding.UTF8;
resp.ReturnCode = HttpStatusCode.Successful_OK;
string UserName = Parameters ["UserName"];
string Password = Parameters ["Password"];
string NewUserName = Parameters ["NewUserName"];
string NewPassword1 = Parameters ["NewPassword1"];
string NewPassword2 = Parameters ["NewPassword2"];
string Hash;
object AuthorizationObject;
GetDigestUserPasswordHash(UserName, out Hash, out AuthorizationObject);
if (AuthorizationObject == null || Hash != CalcHash(UserName, Password))
{
Log.Warning("Invalid attempt to change login credentials.", EventLevel.Minor, UserName, req.ClientAddress);
OutputCredentialsForm(resp, "<p>Login credentials provided were not correct. Please try again.</p>");
}
else if (NewPassword1 != NewPassword2)
{
OutputCredentialsForm(resp, "<p>The new password was not entered correctly. Please provide the same new password twice.</p>");
}
else if (string.IsNullOrEmpty(UserName) || string.IsNullOrEmpty(NewPassword1))
{
OutputCredentialsForm(resp, "<p>Please provide a non-empty user name and password.</p>");
}
else if (UserName.Length > DB.ShortStringClipLength)
{
OutputCredentialsForm(resp, "<p>The new user name was too long.</p>");
}
else
{
Log.Information("Login credentials changed.", EventLevel.Minor, UserName, req.ClientAddress);
credentials.UserName = NewUserName;
credentials.PasswordHash = CalcHash(NewUserName, NewPassword1);
credentials.UpdateIfModified();
resp.ReturnCode = HttpStatusCode.Redirection_SeeOther;
resp.AddHeader("Location", "/");
resp.SendResponse();
// PRG pattern, to avoid problems with post back warnings in the browser: http://en.wikipedia.org/wiki/Post/Redirect/Get
}
}
private static void HttpPostSet (HttpServerResponse resp, HttpServerRequest req)
{
FormParameters Parameters = req.Data as FormParameters;
if (Parameters == null)
throw new HttpException (HttpStatusCode.ClientError_BadRequest);
int i;
bool b;
for (i = 0; i < 8; i++)
{
if (XmlUtilities.TryParseBoolean (Parameters ["do" + (i + 1).ToString ()], out b) && b)
{
digitalOutputs [i].High ();
state.SetDO (i + 1, true);
} else
{
digitalOutputs [i].Low (); // Unchecked checkboxes are not reported back to the server.
state.SetDO (i + 1, false);
}
}
if (XmlUtilities.TryParseBoolean (Parameters ["alarm"], out b) && b)
{
AlarmOn ();
state.Alarm = true;
} else
{
AlarmOff ();
state.Alarm = false;
}
state.UpdateIfModified ();
resp.ReturnCode = HttpStatusCode.Redirection_SeeOther;
resp.AddHeader ("Location", "/set");
resp.SendResponse ();
// PRG pattern, to avoid problems with post back warnings in the browser: http://en.wikipedia.org/wiki/Post/Redirect/Get
}
private static void HttpPostCredentials (HttpServerResponse resp, HttpServerRequest req)
{
string SessionId = req.Header.GetCookie ("SessionId");
if (!CheckSession (SessionId))
throw new HttpTemporaryRedirectException ("/");
FormParameters Parameters = req.Data as FormParameters;
if (Parameters == null)
throw new HttpException (HttpStatusCode.ClientError_BadRequest);
resp.ContentType = "text/html";
resp.Encoding = System.Text.Encoding.UTF8;
resp.ReturnCode = HttpStatusCode.Successful_OK;
string UserName = Parameters ["UserName"];
string Password = Parameters ["Password"];
string NewUserName = Parameters ["NewUserName"];
string NewPassword1 = Parameters ["NewPassword1"];
string NewPassword2 = Parameters ["NewPassword2"];
string Hash;
object AuthorizationObject;
GetDigestUserPasswordHash (UserName, out Hash, out AuthorizationObject);
if (AuthorizationObject == null || Hash != CalcHash (UserName, Password))
{
Log.Warning ("Invalid attempt to change login credentials.", EventLevel.Minor, UserName, req.ClientAddress);
OutputCredentialsForm (resp, "<p>Login credentials provided were not correct. Please try again.</p>");
} else if (NewPassword1 != NewPassword2)
{
OutputCredentialsForm (resp, "<p>The new password was not entered correctly. Please provide the same new password twice.</p>");
} else if (string.IsNullOrEmpty (UserName) || string.IsNullOrEmpty (NewPassword1))
{
OutputCredentialsForm (resp, "<p>Please provide a non-empty user name and password.</p>");
} else if (UserName.Length > DB.ShortStringClipLength)
{
OutputCredentialsForm (resp, "<p>The new user name was too long.</p>");
} else
{
Log.Information ("Login credentials changed.", EventLevel.Minor, UserName, req.ClientAddress);
credentials.UserName = NewUserName;
credentials.PasswordHash = CalcHash (NewUserName, NewPassword1);
credentials.UpdateIfModified ();
resp.ReturnCode = HttpStatusCode.Redirection_SeeOther;
resp.AddHeader ("Location", "/");
resp.SendResponse ();
// PRG pattern, to avoid problems with post back warnings in the browser: http://en.wikipedia.org/wiki/Post/Redirect/Get
}
}
private static void HttpPostRoot (HttpServerResponse resp, HttpServerRequest req)
{
FormParameters Parameters = req.Data as FormParameters;
if (Parameters == null)
throw new HttpException (HttpStatusCode.ClientError_BadRequest);
string UserName = Parameters ["UserName"];
string Password = Parameters ["Password"];
string Hash;
object AuthorizationObject;
GetDigestUserPasswordHash (UserName, out Hash, out AuthorizationObject);
if (AuthorizationObject == null || Hash != CalcHash (UserName, Password))
{
resp.ContentType = "text/html";
resp.Encoding = System.Text.Encoding.UTF8;
resp.ReturnCode = HttpStatusCode.Successful_OK;
Log.Warning ("Invalid login attempt.", EventLevel.Minor, UserName, req.ClientAddress);
OutputLoginForm (resp, "<p>The login was incorrect. Either the user name or the password was incorrect. Please try again.</p>");
} else
{
Log.Information ("User logged in.", EventLevel.Minor, UserName, req.ClientAddress);
string SessionId = CreateSessionId (UserName);
resp.SetCookie ("SessionId", SessionId, "/");
resp.ReturnCode = HttpStatusCode.Redirection_SeeOther;
resp.AddHeader ("Location", "/");
resp.SendResponse ();
// PRG pattern, to avoid problems with post back warnings in the browser: http://en.wikipedia.org/wiki/Post/Redirect/Get
}
}