/// <summary>
        /// Add clickjack headers
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        void OnPostRequestHandlerExecute(object sender, RuntimeEventArgs e)
        {
            // Get response
            HttpResponse response = (HttpContext.Current != null ? HttpContext.Current.Response : null);

            if (response == null)
            {
                throw new InvalidOperationException();
            }

            // Add clickjack protection
            switch (_mode)
            {
            case FramingModeType.Deny:
                response.AddHeader(HeaderName, DenyValue);
                break;

            case FramingModeType.Sameorigin:
                response.AddHeader(HeaderName, SameoriginValue);
                break;

            default:
                throw new ArgumentOutOfRangeException();
            }
        }
        /// <summary>
        ///     Verify CSRF guard before page executes
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void OnPreRequestHandlerExecute(object sender, RuntimeEventArgs e)
        {
            // Get current page
            Page currentPage = (HttpContext.Current != null ? HttpContext.Current.CurrentHandler as Page : null);

            if (currentPage != null)
            {
                // Add CSRF guard when page initializes
                currentPage.Init += (p, a) => Esapi.HttpUtilities.AddCsrfToken();
            }
        }
示例#3
0
        /// <summary>
        /// Verify CSRF guard before page executes
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        void OnPreRequestHandlerExecute(object sender, RuntimeEventArgs e)
        {
            // Get current page
            Page currentPage = (HttpContext.Current != null ?
                                HttpContext.Current.CurrentHandler as Page :
                                null);

            if (currentPage != null)
            {
                // Add CSRF guard when page initializes
                currentPage.Init += new EventHandler((p, a) => Esapi.HttpUtilities.AddCsrfToken());
            }
        }
示例#4
0
        /// <summary>
        /// Verify request rate
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        void OnPreRequestHandlerExecute(object sender, RuntimeEventArgs e)
        {
            HttpSessionState session = (HttpContext.Current != null ? HttpContext.Current.Session : null);

            // No session initialized yet
            if (session == null)
            {
                return;
            }
            // Get current and history requests
            List <DateTime> requestHistory = GetRequestHistory(session);

            Debug.Assert(requestHistory != null);

            DateTime currentTimestamp = DateTime.Now;

            // Lookup first in timespan
            int pos = -1;

            for (int i = 0; i < requestHistory.Count; ++i)
            {
                DateTime hit = requestHistory[i];
                if (currentTimestamp - hit <= _timespan)
                {
                    pos = i;
                    break;
                }
            }

            // Add current
            requestHistory.Add(currentTimestamp);

            // Check & cleanup
            if (pos != -1)
            {
                // Remove expired records
                for (int i = 0; i < pos; ++i)
                {
                    requestHistory.RemoveAt(0);
                }
                // Check interval
                if (requestHistory.Count >= _maxCount)
                {
                    throw new IntrusionException(EM.RequestThrottleRule_MaximumExceeded, EM.RequestThrottleRule_MaximumExceeded);
                }
            }
        }
示例#5
0
 private void OnDeviceSync(RuntimeEventArgs args)
 {
     Log.WriteLine(Id);
     if (m_IsFlowRequested)
     {
         Log.WriteLine(Id, "Send SendFlowCommand FlowRequested = " + FlowRequested.ToString());
         if (IsSimulated)
         {
             Flow = FlowRequested;
         }
         else
         {
             //SendFlowCommand(FlowRequested, m_EluentPercentA, m_EluentPercentB, m_EluentPercentC, m_EluentPercentD, m_PressureMin, m_PressureMax);
         }
         m_IsFlowRequested = false;
     }
 }
示例#6
0
 private void OnDeviceLatch(RuntimeEventArgs args)
 {
     Log.WriteLine(Id);
 }
        /// <summary>
        ///     Verify request rate
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void OnPreRequestHandlerExecute(object sender, RuntimeEventArgs e)
        {
            HttpSessionState session = (HttpContext.Current != null ? HttpContext.Current.Session : null);

            // No session initialized yet
            if (session == null)
            {
                return;
            }
            // Get current and history requests
            List<DateTime> requestHistory = this.GetRequestHistory(session);
            Debug.Assert(requestHistory != null);

            DateTime currentTimestamp = DateTime.Now;

            // Lookup first in timespan
            int pos = -1;
            for (int i = 0; i < requestHistory.Count; ++i)
            {
                DateTime hit = requestHistory[i];
                if (currentTimestamp - hit <= this._timespan)
                {
                    pos = i;
                    break;
                }
            }

            // Add current
            requestHistory.Add(currentTimestamp);

            // Check & cleanup
            if (pos != -1)
            {
                // Remove expired records
                for (int i = 0; i < pos; ++i)
                {
                    requestHistory.RemoveAt(0);
                }
                // Check interval
                if (requestHistory.Count >= this._maxCount)
                {
                    throw new IntrusionException(
                        EM.RequestThrottleRule_MaximumExceeded,
                        EM.RequestThrottleRule_MaximumExceeded);
                }
            }
        }
示例#8
0
        void m_Device_OnSync(RuntimeEventArgs args)
        {
            String message = String.Format("Device.OnSync({0}) called", args.InstrumentID);

            m_Device.AuditMessage(AuditLevel.Normal, message);
        }
        /// <summary>
        ///     Add clickjack headers
        /// </summary>
        /// <param name="sender"></param>
        /// <param name="e"></param>
        private void OnPostRequestHandlerExecute(object sender, RuntimeEventArgs e)
        {
            // Get response
            HttpResponse response = (HttpContext.Current != null ? HttpContext.Current.Response : null);
            if (response == null)
            {
                throw new InvalidOperationException();
            }

            // Add clickjack protection
            switch (this._mode)
            {
                case FramingModeType.Deny:
                    response.AddHeader(HeaderName, DenyValue);
                    break;
                case FramingModeType.Sameorigin:
                    response.AddHeader(HeaderName, SameoriginValue);
                    break;
                default:
                    throw new ArgumentOutOfRangeException();
            }
        }