void WEnvironment::enableAjax(const WebRequest& request) { doesAjax_ = true; session_->controller()->newAjaxSession(); doesCookies_ = request.headerValue("Cookie") != 0; if (!request.getParameter("htmlHistory")) hashInternalPaths_ = true; const std::string *scaleE = request.getParameter("scale"); try { dpiScale_ = scaleE ? boost::lexical_cast<double>(*scaleE) : 1; } catch (boost::bad_lexical_cast &e) { dpiScale_ = 1; } const std::string *webGLE = request.getParameter("webGL"); webGLsupported_ = webGLE ? (*webGLE == "true") : false; const std::string *tzE = request.getParameter("tz"); try { timeZoneOffset_ = tzE ? boost::lexical_cast<int>(*tzE) : 0; } catch (boost::bad_lexical_cast &e) { } const std::string *hashE = request.getParameter("_"); // the internal path, when present as an anchor (#), is only // conveyed in the second request if (hashE) setInternalPath(*hashE); const std::string *deployPathE = request.getParameter("deployPath"); if (deployPathE) { publicDeploymentPath_ = *deployPathE; std::size_t s = publicDeploymentPath_.find('/'); if (s != 0) publicDeploymentPath_.clear(); // looks invalid } const std::string *scrWE = request.getParameter("scrW"); if (scrWE) { try { screenWidth_ = boost::lexical_cast<int>(*scrWE); } catch (boost::bad_lexical_cast &) { } } const std::string *scrHE = request.getParameter("scrH"); if (scrHE) { try { screenHeight_ = boost::lexical_cast<int>(*scrHE); } catch (boost::bad_lexical_cast &) { } } }
void WEnvironment::enableAjax(const WebRequest& request) { doesAjax_ = true; session_->controller()->newAjaxSession(); doesCookies_ = !request.headerValue("Cookie").empty(); if (!request.getParameter("htmlHistory")) hashInternalPaths_ = true; const std::string *scaleE = request.getParameter("scale"); try { dpiScale_ = scaleE ? boost::lexical_cast<double>(*scaleE) : 1; } catch (boost::bad_lexical_cast &e) { dpiScale_ = 1; } const std::string *hashE = request.getParameter("_"); // the internal path, when present as an anchor (#), is only // conveyed in the second request if (hashE) setInternalPath(*hashE); const std::string *deployPathE = request.getParameter("deployPath"); if (deployPathE) { publicDeploymentPath_ = *deployPathE; std::size_t s = publicDeploymentPath_.find('/'); if (s != 0) publicDeploymentPath_.clear(); // looks invalid } }
std::string WEnvironment::getClientAddress(const WebRequest& request, const Configuration& conf) { std::string result; /* * Determine client address, taking into account proxies */ if (conf.behindReverseProxy()) { std::string clientIp = request.headerValue("Client-IP"); boost::trim(clientIp); std::vector<std::string> ips; if (!clientIp.empty()) boost::split(ips, clientIp, boost::is_any_of(",")); std::string forwardedFor = request.headerValue("X-Forwarded-For"); boost::trim(forwardedFor); std::vector<std::string> forwardedIps; if (!forwardedFor.empty()) boost::split(forwardedIps, forwardedFor, boost::is_any_of(",")); Utils::insert(ips, forwardedIps); for (unsigned i = 0; i < ips.size(); ++i) { result = ips[i]; boost::trim(result); if (!result.empty() && !boost::starts_with(result, "10.") && !boost::starts_with(result, "172.16.") && !boost::starts_with(result, "192.168.")) { break; } } } if (result.empty()) result = request.envValue("REMOTE_ADDR"); return result; }
void WEnvironment::init(const WebRequest& request) { Configuration& conf = session_->controller()->configuration(); queryString_ = request.queryString(); parameters_ = request.getParameterMap(); urlScheme_ = request.urlScheme(); referer_ = request.headerValue("Referer"); accept_ = request.headerValue("Accept"); serverSignature_ = request.envValue("SERVER_SIGNATURE"); serverSoftware_ = request.envValue("SERVER_SOFTWARE"); serverAdmin_ = request.envValue("SERVER_ADMIN"); pathInfo_ = request.pathInfo(); #ifndef WT_TARGET_JAVA sslInfo_ = request.sslInfo(); #endif setUserAgent(request.headerValue("User-Agent")); LOG_INFO("UserAgent: " << userAgent_); /* * Determine server host name */ if (conf.behindReverseProxy()) { /* * Take the last entry in X-Forwarded-Host, assuming that we are only * behind 1 proxy */ std::string forwardedHost = request.headerValue("X-Forwarded-Host"); if (!forwardedHost.empty()) { std::string::size_type i = forwardedHost.rfind(','); if (i == std::string::npos) host_ = forwardedHost; else host_ = forwardedHost.substr(i+1); } else host_ = request.headerValue("Host"); } else host_ = request.headerValue("Host"); if (host_.empty()) { /* * HTTP 1.0 doesn't require it: guess from config */ host_ = request.serverName(); if (!request.serverPort().empty()) host_ += ":" + request.serverPort(); } clientAddress_ = getClientAddress(request, conf); std::string cookie = request.headerValue("Cookie"); doesCookies_ = !cookie.empty(); if (doesCookies_) parseCookies(cookie, cookies_); locale_ = request.parseLocale(); }
void WEnvironment::updateUrlScheme(const WebRequest& request) { urlScheme_ = str(request.urlScheme()); Configuration& conf = session_->controller()->configuration(); #ifndef WT_TARGET_JAVA if (conf.behindReverseProxy() || server()->dedicatedSessionProcess()) { #else if (conf.behindReverseProxy()){ #endif std::string forwardedProto = str(request.headerValue("X-Forwarded-Proto")); if (!forwardedProto.empty()) { std::string::size_type i = forwardedProto.rfind(','); if (i == std::string::npos) urlScheme_ = forwardedProto; else urlScheme_ = forwardedProto.substr(i+1); } } } void WEnvironment::init(const WebRequest& request) { Configuration& conf = session_->controller()->configuration(); queryString_ = request.queryString(); parameters_ = request.getParameterMap(); host_ = str(request.headerValue("Host")); referer_ = str(request.headerValue("Referer")); accept_ = str(request.headerValue("Accept")); serverSignature_ = str(request.envValue("SERVER_SIGNATURE")); serverSoftware_ = str(request.envValue("SERVER_SOFTWARE")); serverAdmin_ = str(request.envValue("SERVER_ADMIN")); pathInfo_ = request.pathInfo(); #ifndef WT_TARGET_JAVA if(!str(request.headerValue("Redirect-Secret")).empty()) session_->controller()->redirectSecret_ = str(request.headerValue("Redirect-Secret")); sslInfo_ = request.sslInfo(); if(!sslInfo_ && !str(request.headerValue("SSL-Client-Certificates")).empty()) { parseSSLInfo(str(request.headerValue("SSL-Client-Certificates"))); } #endif setUserAgent(str(request.headerValue("User-Agent"))); updateUrlScheme(request); LOG_INFO("UserAgent: " << userAgent_); /* * If behind a reverse proxy, use external host, schema as communicated using 'X-Forwarded' * headers. */ #ifndef WT_TARGET_JAVA if (conf.behindReverseProxy() || server()->dedicatedSessionProcess()) { #else if (conf.behindReverseProxy()){ #endif std::string forwardedHost = str(request.headerValue("X-Forwarded-Host")); if (!forwardedHost.empty()) { std::string::size_type i = forwardedHost.rfind(','); if (i == std::string::npos) host_ = forwardedHost; else host_ = forwardedHost.substr(i+1); } } if (host_.empty()) { /* * HTTP 1.0 doesn't require it: guess from config */ host_ = request.serverName(); if (!request.serverPort().empty()) host_ += ":" + request.serverPort(); } clientAddress_ = getClientAddress(request, conf); const char *cookie = request.headerValue("Cookie"); doesCookies_ = cookie; if (cookie) parseCookies(cookie, cookies_); locale_ = request.parseLocale(); } #ifndef WT_TARGET_JAVA void WEnvironment::parseSSLInfo(const std::string& json) { #ifdef WT_WITH_SSL Wt::Json::Object obj; Wt::Json::ParseError error; if(!Wt::Json::parse(Wt::Utils::base64Decode(json), obj, error)) { LOG_ERROR("error while parsing client certificates"); return; } std::string clientCertificatePem = obj["client-certificate"]; X509* cert = Wt::Ssl::readFromPem(clientCertificatePem); if(cert) { Wt::WSslCertificate clientCert = Wt::Ssl::x509ToWSslCertificate(cert); X509_free(cert); Wt::Json::Array arr = obj["client-pem-certification-chain"]; std::vector<Wt::WSslCertificate> clientCertChain; for(unsigned int i = 0; i < arr.size(); ++i ) { clientCertChain.push_back(Wt::Ssl::x509ToWSslCertificate(Wt::Ssl::readFromPem(arr[i]))); } Wt::WValidator::State state = static_cast<Wt::WValidator::State>((int)obj["client-verification-result-state"]); Wt::WString message = obj["client-verification-result-message"]; sslInfo_ = new Wt::WSslInfo(clientCert, clientCertChain, Wt::WValidator::Result(state, message)); } #endif // WT_WITH_SSL }
void WEnvironment::enableAjax(const WebRequest& request) { doesAjax_ = true; session_->controller()->newAjaxSession(); doesCookies_ = request.headerValue("Cookie") != nullptr; if (!request.getParameter("htmlHistory")) internalPathUsingFragments_ = true; const std::string *scaleE = request.getParameter("scale"); try { dpiScale_ = scaleE ? Utils::stod(*scaleE) : 1; } catch (std::exception& e) { dpiScale_ = 1; } const std::string *webGLE = request.getParameter("webGL"); webGLsupported_ = webGLE ? (*webGLE == "true") : false; const std::string *tzE = request.getParameter("tz"); try { timeZoneOffset_ = std::chrono::minutes{tzE ? Utils::stoi(*tzE) : 0}; } catch (std::exception& e) { } const std::string *tzSE = request.getParameter("tzS"); timeZoneName_ = tzSE ? *tzSE : std::string(""); const std::string *hashE = request.getParameter("_"); // the internal path, when present as an anchor (#), is only // conveyed in the second request if (hashE) setInternalPath(*hashE); const std::string *deployPathE = request.getParameter("deployPath"); if (deployPathE) { publicDeploymentPath_ = *deployPathE; std::size_t s = publicDeploymentPath_.find('/'); if (s != 0) publicDeploymentPath_.clear(); // looks invalid } const std::string *scrWE = request.getParameter("scrW"); if (scrWE) { try { screenWidth_ = Utils::stoi(*scrWE); } catch (std::exception &e) { } } const std::string *scrHE = request.getParameter("scrH"); if (scrHE) { try { screenHeight_ = Utils::stoi(*scrHE); } catch (std::exception &e) { } } }