From f6ca2e163b1da814e4399a4115ae5b66f304bebf Mon Sep 17 00:00:00 2001 From: exyi Date: Sat, 17 Oct 2020 17:56:40 +0000 Subject: [PATCH] Warning on forms with passwords --- server/Ksp.WebServer/.vscode/launch.json | 34 +++++++++++++++++++ server/Ksp.WebServer/.vscode/tasks.json | 42 ++++++++++++++++++++++++ server/Ksp.WebServer/KspPageRewriter.cs | 32 ++++++++++++++++++ server/Ksp.WebServer/Startup.cs | 17 +++++++--- 4 files changed, 121 insertions(+), 4 deletions(-) create mode 100644 server/Ksp.WebServer/.vscode/launch.json create mode 100644 server/Ksp.WebServer/.vscode/tasks.json create mode 100644 server/Ksp.WebServer/KspPageRewriter.cs diff --git a/server/Ksp.WebServer/.vscode/launch.json b/server/Ksp.WebServer/.vscode/launch.json new file mode 100644 index 0000000..4031909 --- /dev/null +++ b/server/Ksp.WebServer/.vscode/launch.json @@ -0,0 +1,34 @@ +{ + // Use IntelliSense to learn about possible attributes. + // Hover to view descriptions of existing attributes. + // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387 + "version": "0.2.0", + "configurations": [ + { + "name": ".NET Core Launch (web)", + "type": "coreclr", + "request": "launch", + "preLaunchTask": "build", + "program": "${workspaceFolder}/bin/Debug/netcoreapp3.1/Ksp.WebServer.dll", + "args": [], + "cwd": "${workspaceFolder}", + "stopAtEntry": false, + "serverReadyAction": { + "action": "openExternally", + "pattern": "\\bNow listening on:\\s+(https?://\\S+)" + }, + "env": { + "ASPNETCORE_ENVIRONMENT": "Development" + }, + "sourceFileMap": { + "/Views": "${workspaceFolder}/Views" + } + }, + { + "name": ".NET Core Attach", + "type": "coreclr", + "request": "attach", + "processId": "${command:pickProcess}" + } + ] +} \ No newline at end of file diff --git a/server/Ksp.WebServer/.vscode/tasks.json b/server/Ksp.WebServer/.vscode/tasks.json new file mode 100644 index 0000000..6861af3 --- /dev/null +++ b/server/Ksp.WebServer/.vscode/tasks.json @@ -0,0 +1,42 @@ +{ + "version": "2.0.0", + "tasks": [ + { + "label": "build", + "command": "dotnet", + "type": "process", + "args": [ + "build", + "${workspaceFolder}/Ksp.WebServer.csproj", + "/property:GenerateFullPaths=true", + "/consoleloggerparameters:NoSummary" + ], + "problemMatcher": "$msCompile" + }, + { + "label": "publish", + "command": "dotnet", + "type": "process", + "args": [ + "publish", + "${workspaceFolder}/Ksp.WebServer.csproj", + "/property:GenerateFullPaths=true", + "/consoleloggerparameters:NoSummary" + ], + "problemMatcher": "$msCompile" + }, + { + "label": "watch", + "command": "dotnet", + "type": "process", + "args": [ + "watch", + "run", + "${workspaceFolder}/Ksp.WebServer.csproj", + "/property:GenerateFullPaths=true", + "/consoleloggerparameters:NoSummary" + ], + "problemMatcher": "$msCompile" + } + ] +} \ No newline at end of file diff --git a/server/Ksp.WebServer/KspPageRewriter.cs b/server/Ksp.WebServer/KspPageRewriter.cs new file mode 100644 index 0000000..611ade2 --- /dev/null +++ b/server/Ksp.WebServer/KspPageRewriter.cs @@ -0,0 +1,32 @@ +using System.IO; +using AngleSharp.Html; +using Microsoft.AspNetCore.Http; + +namespace Ksp.WebServer +{ + public class KspPageRewriter + { + public string RewriteHtml(string source, HttpContext context) + { + var p = new AngleSharp.Html.Parser.HtmlParser(); + var document = p.ParseDocument(source); + + foreach (var form in document.QuerySelectorAll("form")) + { + if (form.QuerySelector("input[type=password]") is null) + continue; + + var warning = document.CreateElement("div"); + warning.SetAttribute("style", "color: red; font-size: 3em; font-weight: bold"); + warning.TextContent = "Web běží na magické proxy, které byste měli věřit!!!"; + form.Prepend(warning); + } + + + + var outputHtml = new StringWriter(); + document.ToHtml(outputHtml, new PrettyMarkupFormatter() { Indentation = "\t", NewLine = "\n" }); + return outputHtml.ToString(); + } + } +} diff --git a/server/Ksp.WebServer/Startup.cs b/server/Ksp.WebServer/Startup.cs index e944f4b..01140a3 100644 --- a/server/Ksp.WebServer/Startup.cs +++ b/server/Ksp.WebServer/Startup.cs @@ -5,6 +5,7 @@ using System.Linq; using System.Net; using System.Net.Http; using System.Net.Http.Headers; +using System.Text; using System.Threading.Tasks; using AspNetCore.Proxy; using AspNetCore.Proxy.Builders; @@ -39,15 +40,17 @@ namespace Ksp.WebServer .ConfigurePrimaryHttpMessageHandler(h => { return new HttpClientHandler { AllowAutoRedirect = false, - UseCookies = false + UseCookies = false, + AutomaticDecompression = DecompressionMethods.All }; }); services.AddProxies(); services.Configure(Configuration.GetSection(nameof(KspProxyConfig))); + services.AddSingleton(); } // This method gets called by the runtime. Use this method to configure the HTTP request pipeline. - public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IOptions kspProxyConfig) + public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IOptions kspProxyConfig, KspPageRewriter pageRewriter) { Console.WriteLine($"Running {env.EnvironmentName} env, root={env.ContentRootPath}, host={kspProxyConfig.Value.Host}"); @@ -97,7 +100,7 @@ namespace Ksp.WebServer // Console.WriteLine(request); return Task.CompletedTask; }); - opt.WithAfterReceive((cx, response) => { + opt.WithAfterReceive(async (cx, response) => { // Console.WriteLine(response); if (response.Headers.Location is object && response.Headers.Location.Host == baseUri.Host) { @@ -115,7 +118,13 @@ namespace Ksp.WebServer .Replace($"; domain={baseUri.Host}", $"; domain={cx.Request.Host.Host}") )); } - return Task.CompletedTask; + + if (new [] { "text/html", "application/xhtml+xml" }.Contains(response.Content.Headers.ContentType.MediaType)) + { + var str = await response.Content.ReadAsStringAsync(); + str = pageRewriter.RewriteHtml(str, cx); + response.Content = new StringContent(str, Encoding.UTF8, "text/html"); + } }); })); }