Skip to content

Commit

Permalink
Fix the basehttpheader so that it's checking the root of the domain i…
Browse files Browse the repository at this point in the history 
…nstead of /umbraco
  • Loading branch information
@Jeavon @mikecp
Jeavon authored and mikecp committed Oct 29, 2021
1 parent b046098 commit c3625ae
Showing 1 changed file with 15 additions and 13 deletions.
28 changes: 15 additions & 13 deletions src/Umbraco.Web/HealthCheck/Checks/Security/BaseHttpHeaderCheck.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ namespace Umbraco.Web.HealthCheck.Checks.Security
{
public abstract class BaseHttpHeaderCheck : HealthCheck
{
protected IRuntimeState Runtime { get; }
protected ILocalizedTextService TextService { get; }
private readonly ILocalizedTextService _textService;
private readonly IRuntimeState _runtime;

private const string SetHeaderInConfigAction = "setHeaderInConfig";

Expand All @@ -24,14 +24,14 @@ public abstract class BaseHttpHeaderCheck : HealthCheck
private readonly string _localizedTextPrefix;
private readonly bool _metaTagOptionAvailable;


protected BaseHttpHeaderCheck(
IRuntimeState runtime,
ILocalizedTextService textService,
string header, string value, string localizedTextPrefix, bool metaTagOptionAvailable)
{
Runtime = runtime;
TextService = textService ?? throw new ArgumentNullException(nameof(textService));

_runtime = runtime;
_textService = textService ?? throw new ArgumentNullException(nameof(textService));
_header = header;
_value = value;
_localizedTextPrefix = localizedTextPrefix;
Expand Down Expand Up @@ -70,7 +70,8 @@ protected HealthCheckStatus CheckForHeader()
var success = false;

// Access the site home page and check for the click-jack protection header or meta tag
var url = Runtime.ApplicationUrl;
var url = _runtime.ApplicationUrl.GetLeftPart(UriPartial.Authority);

var request = WebRequest.Create(url);
request.Method = "GET";
try
Expand All @@ -84,24 +85,25 @@ protected HealthCheckStatus CheckForHeader()
if (success == false && _metaTagOptionAvailable)
{
success = DoMetaTagsContainKeyForHeader(response);

}

message = success
? TextService.Localize($"healthcheck", $"{_localizedTextPrefix}CheckHeaderFound")
: TextService.Localize($"healthcheck", $"{_localizedTextPrefix}CheckHeaderNotFound");
? _textService.Localize($"healthcheck", $"{_localizedTextPrefix}CheckHeaderFound")
: _textService.Localize($"healthcheck", $"{_localizedTextPrefix}CheckHeaderNotFound");
}
catch (Exception ex)
{
message = TextService.Localize("healthcheck", "healthCheckInvalidUrl", new[] { url.ToString(), ex.Message });
message = _textService.Localize("healthcheck", "healthCheckInvalidUrl", new[] { url.ToString(), ex.Message });
}

var actions = new List<HealthCheckAction>();
if (success == false)
{
actions.Add(new HealthCheckAction(SetHeaderInConfigAction, Id)
{
Name = TextService.Localize("healthcheck", "setHeaderInConfig"),
Description = TextService.Localize($"healthcheck", $"{_localizedTextPrefix}SetHeaderInConfigDescription")
Name = _textService.Localize("healthcheck", "setHeaderInConfig"),
Description = _textService.Localize($"healthcheck", $"{_localizedTextPrefix}SetHeaderInConfigDescription")
});
}

Expand Down Expand Up @@ -149,14 +151,14 @@ private HealthCheckStatus SetHeaderInConfig()
if (success)
{
return
new HealthCheckStatus(TextService.Localize("healthcheck", _localizedTextPrefix + "SetHeaderInConfigSuccess"))
new HealthCheckStatus(_textService.Localize("healthcheck", _localizedTextPrefix + "SetHeaderInConfigSuccess"))
{
ResultType = StatusResultType.Success
};
}

return
new HealthCheckStatus(TextService.Localize("healthcheck", "setHeaderInConfigError", new [] { errorMessage }))
new HealthCheckStatus(_textService.Localize("healthcheck", "setHeaderInConfigError", new [] { errorMessage }))
{
ResultType = StatusResultType.Error
};
Expand Down

0 comments on commit c3625ae

Please sign in to comment.