From 2a4f2cccabbde3d24f785e8e87d78f3cdf17fa4e Mon Sep 17 00:00:00 2001 From: Sebastian Date: Tue, 25 Oct 2016 21:11:42 +0200 Subject: [PATCH] Cert fix --- .../Identity/IdentityServices.cs | 2 +- src/Squidex/Pipeline/SingleUrlsMiddleware.cs | 54 +++++++++++++++++++ src/Squidex/Startup.cs | 3 ++ src/Squidex/web.config | 2 +- 4 files changed, 59 insertions(+), 2 deletions(-) create mode 100644 src/Squidex/Pipeline/SingleUrlsMiddleware.cs diff --git a/src/Squidex/Configurations/Identity/IdentityServices.cs b/src/Squidex/Configurations/Identity/IdentityServices.cs index 7e0c80578..93dfeb51a 100644 --- a/src/Squidex/Configurations/Identity/IdentityServices.cs +++ b/src/Squidex/Configurations/Identity/IdentityServices.cs @@ -32,7 +32,7 @@ namespace Squidex.Configurations.Identity var certData = new byte[certStream.Length]; certStream.Read(certData, 0, certData.Length); - certificate = new X509Certificate2(certData, "password"); + certificate = new X509Certificate2(certData, "password", X509KeyStorageFlags.MachineKeySet); } services.AddSingleton( diff --git a/src/Squidex/Pipeline/SingleUrlsMiddleware.cs b/src/Squidex/Pipeline/SingleUrlsMiddleware.cs new file mode 100644 index 000000000..e22c8d681 --- /dev/null +++ b/src/Squidex/Pipeline/SingleUrlsMiddleware.cs @@ -0,0 +1,54 @@ +// ========================================================================== +// SingleUrlsMiddleware.cs +// Squidex Headless CMS +// ========================================================================== +// Copyright (c) Squidex Group +// All rights reserved. +// ========================================================================== + +using System; +using System.Threading.Tasks; +using Microsoft.AspNetCore.Http; +using Microsoft.Extensions.Logging; + +namespace Squidex.Pipeline +{ + public sealed class SingleUrlsMiddleware + { + private readonly RequestDelegate next; + private readonly ILogger logger; + + public SingleUrlsMiddleware(RequestDelegate next, ILoggerFactory factory) + { + this.next = next; + + logger = factory.CreateLogger(); + } + + public async Task Invoke(HttpContext context) + { + var currentUrl = string.Concat(context.Request.Scheme, context.Request.Host, context.Request.Path); + + var hostName = context.Request.Host.ToString().ToLowerInvariant(); + if (hostName.StartsWith("www")) + { + hostName = hostName.Substring(3); + } + + var requestPath = context.Request.Path.ToString(); + if (requestPath.EndsWith("/") == false) + { + requestPath = requestPath + "/"; + } + + var newUrl = string.Concat("https://", hostName, requestPath); + + if (!string.Equals(newUrl, currentUrl, StringComparison.OrdinalIgnoreCase)) + { + logger.LogError("Invalid url: {0} instead {1}", currentUrl, newUrl); + } + + await next(context); + } + } +} diff --git a/src/Squidex/Startup.cs b/src/Squidex/Startup.cs index dcf3b92dd..345b98aa6 100644 --- a/src/Squidex/Startup.cs +++ b/src/Squidex/Startup.cs @@ -23,6 +23,7 @@ using Squidex.Configurations.Identity; using Squidex.Configurations.Web; using Squidex.Store.MongoDb; using System.Linq; +using Squidex.Pipeline; // ReSharper disable ConvertClosureToMethodGroup // ReSharper disable AccessToModifiedClosure @@ -92,6 +93,8 @@ namespace Squidex loggerFactory.AddConsole(); loggerFactory.AddDebug(); + app.UseMiddleware(); + if (Environment.IsDevelopment()) { app.UseDeveloperExceptionPage(); diff --git a/src/Squidex/web.config b/src/Squidex/web.config index 05ac0e36d..958ea0aa0 100644 --- a/src/Squidex/web.config +++ b/src/Squidex/web.config @@ -4,6 +4,6 @@ - +