/// <summary> /// Returns the HTTP response content appropriate to the given error. /// </summary> /// <param name="ex"> /// The exceptoin which was raised. /// </param> /// <returns> /// The HTML response to return to the client. /// </returns> public static string GetResponseContent(BadBehaviorException ex) { string email = ex.Package.Settings.SupportEmail; var dict = new Dictionary<string, string>(); dict["response"] = ex.Error.HttpCode.ToString(); dict["request_uri"] = ex.Package.Request.RawUrl; dict["explanation"] = ex.Error.Explanation; dict["support_key"] = BuildSupportKey(ex.Package.OriginatingIP, ex.Error.Code); if (email != null) dict["email"] = email; return template.Process(dict); }
/// <summary> /// Called when an error or suspicious condition has been raised. /// </summary> /// <param name="package"> /// The <see cref="Package"/> instance containing details of the request. /// </param> /// <param name="error"> /// The error condition detailing the problem. /// </param> /// <param name="strict"> /// true if this is a strict condition (i.e. should only be trapped when /// running in strict mode); otherwise false. /// </param> protected virtual void Raise(Package package, Error error, bool strict) { bool thrown = this.Settings.Strict || !strict; var ex = new BadBehaviorException(package, error); try { Logger.Log(new LogEntry(ex, thrown)); var args = new BadBehaviorEventArgs(package, error); OnBadBehavior(args); } catch (Exception loggingException) { /* * An exception when logging or running the event handler needs to * be trapped here, for two reasons. First, logging must not bring * anything to a halt under any circumstances. Second, if we throw * an "uninteresting" (ie non-BB) exception here, it will be * swallowed higher up the call stack in ValidateRequest above, * and the request will be given the all clear when it should have * been rejected. * * So, Pokémon it and log it to System.Diagnostics.Trace. */ if (loggingException is BadBehaviorException || this.Settings.Debug) throw; else Trace.TraceWarning( "An error was encountered when attempting to validate this request. " + "Exception details: " + loggingException.ToString() ); } if (thrown) { throw ex; } }
/// <summary> /// Handles an error and sends an appropriate response to the client. /// </summary> /// <param name="context"> /// The <see cref="HttpApplication"/> instance containing the web request. /// </param> /// <param name="ex"> /// The exception which was raised by the /// </param> public virtual void HandleError(HttpApplication context, BadBehaviorException ex) { string content = GetResponseContent(ex); context.Response.StatusCode = ex.Error.HttpCode; context.Response.StatusDescription = "Bad Behavior"; context.Response.AddHeader("Status", "Bad Behavior"); context.Response.ContentType = "text/html"; context.Response.Write(content); context.Server.ClearError(); context.CompleteRequest(); }