I'm writing a local Proxy server. It already works for the majority of the requests. But sometimes I have Problems when I want to resolve the Host-name. Here is what I do:
When the header of the request is received, I filter the first line out. Then I take the Request-URL (which is between the two spaces) out of that line and store it into an Uri object. After that I extract the hostname with: string host= uri.host;
At least I do the DNS-call: IPAddress[] ips = Dns.GetHostAddresses(host)[0];
(How do I know here, which IP of the array I should take. Whats the difference between those IP's)
Like I said, for the majority of the Requests that works fine. But there are some adresses, that cannot be resolved. Here an example: When I want to open www.gmx.net, I first get the HTML-File ( this works fine ). After that, the Browser reloads a couple of Web-Objects like pics, javascript and so on. Those Object of course have some URL. And one of those URLs, that cannot be resolved is: ipv4-cout.gmx.net .
The attempt to resolve this URL results in the warning: The stated Host is unknown.
Another thing I need to know is: How to handle Alias-Host-names? For example: When I enter the hostname gmx.de into the Browser, it automaticaly resolves it into www.gmx.net. I know, there are Recource Reccords on a DNS-Server with type CNAME, but I dont know how to implement this.
I would say that they come back in the order that the DNS server sends them, I can no find no reference to any particular ordering.
Dns.GetHostAddresses Method
In most cases, there would only be a single IP address. In the case of www.gmx.net, they do have 2 and in theory, this would mean that you would round-robin the requests.
www.gmx.net has address 212.227.223.5
www.gmx.net has address 212.227.223.4
For your information. pv4-cout.gmx.net does not resolve on my machine and would result in a 404 when accessed any other way.
gmx.de does not resolve to www.gmx.net, there is a URL redirect on the web server.
Connecting to www.gmx.de|212.227.223.10|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://www.gmx.net/ [following]
Related
I am trying to make a Soap call to a webservice hosted by business partner. The problem I am having is that our client is hosted on a virtual PC with multiple IPs. I would like to call the hosted webservice with a different (not default) IP address. Why is that? There is VPN connection between our client application and hosted webservice but it is set up LAN2LAN between two IPs. Now I have to change local source IP address to match with the VPN requirements.
I have tried using SoapHttpClientProtocol's WebProxy, setting its value to the new IP but it does not seem to work. I am getting HTTP 404 error.
Here is some of the code:
//soapApiClient is typeof SoapHttpClientProtocol
//endpoint url -> webservice, url from appSettings
var url = SettingsProvider.ClientSapGetUserDataUrl;
soapApiClient.Url = url;
//proxy settings -> setting new IP, defined in appSettings
var proxy = SettingsProvider.ClientProxyAddress;
soapApiClient.Proxy = new WebProxy(proxy);
//credentials
soapApiClient.Credentials = GetCredentials();
I HTTP post user code and return value should be user data from SAP, currently I am getting 404 http error code. For comparison, it works like a charm from SoapUI. Maybe setting proxy is not what I am looking for? Any help would be much appreciated.
EDIT: To be more clear
Currently, by default service is called from default ip 91.185.201.88. Service's IP is 10.67.145.70. I want to change it like so: service is called from 192.168.4.2 to service's 10.67.145.70.
I finally managed to make it work. If anyone else will have problem with this, just follow these instructions.
Before calling remote service, you have to find service point for it. This is done via ServicePointManager like so
Example:
var servicePointUserReader = ServicePointManager.FindServicePoint(new Uri(FULLY QUALIFIED REMOTE SERVICE URL));
servicePointUserReader.BindIPEndPointDelegate = (sp, remote, retryCount) => new IPEndPoint(IPAddress.Parse(SOURCE IP FROM WHICH YOU WANT TO SEND REQUEST), 0);
In my example, fully qualified remote service url was something like http://65.145.63.71:8010/sapService (this is the one we are trying to call). Then I wanted to make a call from a different IP on our virtual PC which has many IPs addressed to it. You just need to input desired IP as shown in the second line of the code, for example 192.168.5.1.
Make sure you use "http://" when calling FindServicePoint with new Uri() constrcutor otherwise it will not work!
After that just proceed with the call to the service. Two lines of code, that's all you need. :)
In my project, I have an .ashx page which accepts POST requests from outside, and collects a string variable by using this code:
string infoPost = httpRequest["infoPost"].ToString();
This code works perfectly on my local, or an IIS server.
The problem started when I published it to an IIS server which I dont have control over it. Somehow the object was coming empty and I was getting "Object reference not set to an instance of an object." error on this code.
I did a bit of research, and found out that the SecureConnection setting is causing the problem. IIS server converts all "http" requests to "https", but it loses infoPost variable while doing that. I tested this idea by calling this page with "https" directly, and this time the code worked perfectly, and I grabbed the posted string.
But I dont want hardcoded job. I tried to understand if the website set as a secureconnection or not by using this code:
string strSecure = "http://";
if (HttpContext.Current.Request.IsSecureConnection)
strSecure = "https://";
Again, this code worked well on my local, but doesn't work on the IIS I mentioned.
Sorry for the long explanation, here are my questions in simple:
When IIS somehow redirects http requests to https, it is unable to pass the parameters inside the POST. Is it true? How can I prevent it?
I want to understand if a website is published on SecureConnection or not, but seems like "HttpContext.Current.Request.IsSecureConnection" code doesn't work on IIS. Is my assumption correct? Is there any other way to understand and decide which tag I should be using, (http or https)?
You don't want POSTed values to redirect from http to https, that would be a security hole. The purpose of this feature is to force you to confront whatever it is in the application that is POSTing values in clear-text, because they are being exposed before the redirect ever happens.
We use Request.Url.GetLeftPart(UriPartial.Authority) to get the domain part of the site. This served our requirement on http.
We recently change site to https (about 3 days ago) but this still returns with http://..
Urls were all changed to https and show in browser address bar.
Any idea why this happens?
The following example works fine and returns a string with "https":
var uri = new Uri("https://www.google.com/?q=102njgn24gk24ng2k");
var authority = uri.GetLeftPart(UriPartial.Authority);
// authority => "https://www.google.com"
You either have an issue with the HttpContext class right here, or all your requests are still using http:
You can check the requests HttpContext.Current.Request.IsSecureConnection property. If it is true, and the GetLeftPart method still returns http for you, I think you won't get around a replacing here.
If all your requests are really coming with http, you might enforce a secure connection in IIS.
You should also inspect the incoming URL and log it somewhere for debugging purposes.
This can also happen when dealing with a load balancer. In one situation I worked on, any https requests were converted into http by the load balancer. It still says https in the browser address bar, but internally it's a http request, so the server-side call you are making to GetLeftPart() returns http.
If your request is coming from ARR with SSL Offloading,
Request.Url.GetLeftPart(UriPartial.Authority) just get http
I am trying to diagnose a problem that a client site has come across. Basically when you do an address search on their website you can specify a % symbol for wildcard searches. For example you can search for Be% to return Belfast etc.
This queries the database and then redirects you to the results page, passing the search criteria in the querystring for example results.aspx?criteria=Search%20criteria%20is%20Be%
This caused problems if you searched for something like %Belf as %Be is a reserved character in URL encoding. I therefore coded it to replace % with %25 (URL encoding representation of % symbol). This works fine on my test machine, where the URL is now results.aspx?criteria=Search%20Criteria%20is%20%25Be .
This however doesn't work on our clients website for some reason and I can't work out why. The page keeps error-ing with:
Error Code: 500 Internal Server Error. The request was rejected by the
HTTP filter. Contact the server administrator. (12217)
any time you search for something like %Be %Fa %Fe etc etc
Does anyone know if there is an IIS setting for this or something similar?
You might have URLScan installed on your server. URLScan intercepts requests and reject them if it detects invalid characters. It is meant to protect your website from malicious attacks and SQL injection. If you don't configure it correctly then it will reject perfectly reasonable requests. Take a look at the ISAPI filters on your website and see if URLScan is there.
Could this solve your problems? It is written by Zubair Alexander at http://blog.techgalaxy.net/archives/2521
One of our application will be run in an iframe, inside salesforce and I'm having troubles with accessing the referer. They'd like us to do some referer checks, to make sure the request is coming from salesforce and we've been given the IP addresses to check against.
My problem is that anytime I try to access the referer through either of the following two methods:
HttpContext.Current.Request.ServerVariables["HTTP_REFERER"]
HttpContext.Current.Request.UrlReferrer
it returns me null.
Any ideas how could I get hold of the referer?
PS: I'm aware that you can spoof the referer, but it's part of the requirement.
If I understand the question correctly you have client sites that refer to your site by embedding IFrames in their webpages the point to your site. You wish to "ensure" that the requests are coming from host page which itself is part of a designated set of sites. The set of designated sites is described by a set of IP addresses. Does that cover it?
Tricky. First off lets assume you've got a referer. You will need to aquire the host name from it (easy enough using the Uri type). Then you need to resolve the IP address for the host name using DNS (again not too difficult with .NET framework).
Of course you need to get a referer and that is the trickiest bit. Browsers do not always place a referer header in the request. This is especially true when the referee address is not in the same domain as the referer, which is the case here. IOW, this is a showstopper.
A better approach to solving this problem (and is not prone to spoofing) is to use some hash based authentication. Doesn't have to be too sophisticated (if the original requirements felt the referer testing was sufficient anyway).
A referrer is only there if the page was requested through a link. When a page is opened say from the address bar in a browser by typing in the address directly (or in your case y setting the src. of the IFRAME), the referrer will be empty.