I have Googled and looked on SOF for a solution but sadly I'm a little confused on how to resolve this issue,
For Encryption I'm using the following
Simple insecure two-way "obfuscation" for C#
The way I use this the end user choose a category and saves the item, on returning from the DB I select the relevant view to be display.
The view name is then Encrypted and passed to a new action.
Within this Action I then try to decrypt the encrypted view name and pass it to the view to be rendered but when I try to decrypt it I get this error mentioned above, I'm uncertain on how to fix this.
My controller looks like this
return RedirectToAction("Description", "Advert", new{
encryptedView = crypto.Encrypt(advertModel.View),
});
which passes the following encryption
too8kmao3odfbwbhlaod1w==
I then try the following in the action its been redirected to
var decryptView = new Crypto().Decrypt("too8kmao3odfbwbhlaod1w==");
yet with no avail.....
Ok, found the solution as im using a nuget LowercaseRoutesMVC when I encrypt it, it looks like this
Too8KMao3ODfBWBHLaoD1w==
When I try to decrypt its lower case as mentioned above which is what causes the issue.
I'll have to think of another way to resolve this.
Related
I would like to install ReCaptcha to our Umbraco Version 7. But I can't seem to find the correct approach. Basically I want to add the captcha element inside my custom form (not the Umbraco Form). Is there a way to do it? It seems the approach of adding the Recaptcha is not the same as how you add it in PHP application. How should I do this in Umbraco?
Update:
Recaptcha version can either be version 1, 2 or 3
reCaptcha V2 only requires a few simple lines of HTML to be inserted, AFAIK. You should be able to insert both a script tag and an HTML element anywhere inside your form element (inside Html.BeginForm if that's what you're doing) in your custom form, as long as you have an API key. I did this the other day and it just worked.
https://developers.google.com/recaptcha/docs/display
It doesn't need "installation", but it requires some fiddling with code.
I wrote a post about it here a while back, https://www.jondjones.com/learn-umbraco-cms/umbraco-7-tutorials/umbraco-security/how-to-add-a-recapture-within-your-umbraco-website/
The quick option is to install recaptha mvc via Nuget and then decorate your controller with CaptchaValidator and use the Recaptcha in your HTML
In your controller just check the form values and get the captcha value from it like this below, if that value is null then the person hasn't filled it otherwise it will have a value in it.
var formData = Request.Form;
var captchaRequest = formData["g-recaptcha-response"];
if (string.IsNullOrWhiteSpace(captchaRequest))
{
TempData["formError"] = "Fill in the Captcha box.";
return CurrentUmbracoPage();
}
Ok I found a solution with detailed explanation in this Blog
I have my rest client url hard-coded in my code-behind, but upon peer-reviewing my code, I was asked to move that url to the config file so that it can be changed for each environment.
Visual Studio 2019 now complains because my rest client url has an invalid = sign as token in the url itself, and it expects ; as token instead.
Has anyone ever come across this, and is it correct to move the rest client to the config file? In theory that should not change.
Can't share the full url, but the part that is highlighted as error is this: version=2.0&details=true.
I found the answer. The problem is in the & symbol itself. Once converted to &, the errors Visual Studio was highlighting were gone and my solution worked again.
If i will do that i will save in config file only base url like this
"WebConfig": {
"SmsCenterApi": "https://some_site.com/SendService"
}
and in code I can complete the link
string url = WebConficData.SmsCenterApi+"version=2.0&details=true";
andafter that I can use url to make some request. For multi-environments web.config and appsettings is avesome. You just change base url for each env and that's it.
I think the answer to your questions
where do you store the rest client url?
is it correct to move the rest url to the config file?
is dependent on how you implement the rest request to that url. As you do not show any information on how you implement the rest call, I would like to show you one possible way and hopefully give you an impression about which things you should consider when implementing a solution.
So we can basically (for the sake of completeness) split an rest-endpoint url into two parts which might affect our implementation.
The base url:
"https://www.some-nice-name.com/SomeEndPoint"
and the parameters
?key1=value1&key2=value2
having this in mind, you could go the way and split them up, storing the base url and the parameters in two different nodes/attributes in a config file:
{
"BaseUrl" : "https://www.some-nice-name.com/SomeEndPoint",
"UrlParams" : "?key1=value1&key2=value2"
}
Or in one node/attribute, or even split each single parameter pair ("key1=value1") into own fields. And so on, and so on......
Anyway, if we now jump into our C# code and implement the Rest call, we have a wide range of different possible solution. For this example I will show you how to use the RestSharp NuGet package and why it might influences our decision on the above question.
So one basic example:
// I will not show the implementation of ReadYourConfigStuff() because its fairly clear what should happen here
var config = ReadYourConfigStuff();
// Give the BaseUrl to our REST client
var restClient = new RestClient(config.BaseUrl);
// Just taking GET as we have some GET Parameters
var restRequest = new RestRequest(Method.GET);
so far so good. But we still miss our parameters right?
Let's go ahead:
// RestSharp gives us a very nice tool to add GET parameters to our request
restRequest.AddParameter("key1", "value1");
restRequest.AddParameter("key2", "value2");
That looks quite different to what we added to our config file, does it? Yes it does. As RestSharp gives us a tool at hand which allows to add parameters one by one, we are free to choose how to store and maintain those in our code. And if we have a look on the AddParameter defintion
public IRestRequest AddParameter(string name, object value);
we see that the second parameter can be any object. Amazing!
So my answer to your question is: Yes you can store it in the config file, but does it fit to your implementation? Are the parameters fix or do they change? How does your favorite tooling would like you to implement the rest request?
Based on the answers to these questions, I would take a decision rather to use a config file or not.
I'm not sure of the best way to accomplish my goal. Looking for insight. I'm familiar with WebAPI services consumed through WPF and Silverlight but this is my first run at ASP and MVC.
I am building a site to verify contents of a shipment against an electronic manifest (EDI 856). I have a page that displays the shipping data and I need the users to scan each item barcode in the container. I would then like to pass that barcode to a service, verify the item belongs in that shipment and then update the page to show as much.
My plan was to have a single text box into which the user could scan/type the barcode and then submit that data to a WebAPI service which would verify the information and then probably use SignalR to send a message back to the page and update a grid with the item data.
If this is a decent way to go, I'm just not quite sure how to use ajax to call the WebAPI endpoint and provide the data I need.
I would advise against using SignalR in this situtation. What you need, judging from your description, is the most basic use case of submitting an ajax request and receiving a response.
You are not designing a system where you need the server to initiate communication with the browser or anything like that, where sockets (and SignalR as an abstraction over sockets with fallbacks to less suitable protocols) is a huge overkill.
Don't worry, your use case is rather simple.
It's a little out of scope to describe how to setup a WebApi project, how to configure routing, action names, etc. Simple google searches will surely provide ample quality tutorials on getting started.
I'll just try to explain what the general idea is, with some code samples, to get you thinking in the right direction.
You need to create an ApiController.
The simplest version of that Controller will probably look something like this:
public class ShipmentVerificationController : ApiController
{
//this is the response object you will be sending back to the client website
public class VerificationResult
{
public bool Valid;
}
public VerificationResult GetIsItemValid(string BarCode)
{
bool itemIsValid;
// Implement checks against the BarCode string here
itemIsValid = true;
return new VerificationResult { Valid = itemIsValid };
}
}
Note that the inner class represents the response you will be sending back. It should be properly filled out with additional info if needed and probably put into a separate .cs file in the "Models" folder or where ever you see fit.
I have declared it inside the controller for demonstration purposes only
Once you have a WebApi service deployed, it's really easy to send it data from your website and receive the feedback.
To simplify Ajax requests, jQuery is often used.
Once the user inputs the barcode into a textbox, you can hook up an event to check for return key being pressed (most barcode scanners send the return key command after they input the barcode data) and then write something along the lines of:
var barcode = $("#input-field").val();
$.getJSON( "<url_to_your_webapi_service>/api/ShipmentVerification/GetIsItemValid/" + barcode, function( data ) {
if (data.Valid) {
// great, highlight the item as valid
}
else {
//better indicate an error with the scanned item
}
});
Please note that for simplicity I have not included any error handling, url parameter encoding, and most importantly, zero authorization.
Authorization is very important if you deploy the web service to the open web but still do not want anyone to be able to call it.
You will have to research these topics yourself, but I hope I have presented you the core concepts and logic behind a simple service such as this, so you have a base to start with.
If you come up with specific problems and questions post a new question.
I actually found a more simple way to do this. I nixed the idea of using a WebAPI endpoint and just went with a normal controller. I used ajax to prevent the page from refreshing with the new view, since that view is actually just json data with my return values in it.
Is it possible to use this code in OData?
IQueryable<CallLogInfo> CallLogInfos = _callCenterServiceAccessor.CallLogInfos.Where(x => x.LogId == logid);
var log = CallLogInfos.ToList();
return log.Any();
I checked my request that it generated and I saw this:
http://services/CallCenter/CallCenterDataService.svc/CallLogInfos(1364974501.4)
so get this error:
<m:message xml:lang="en-US">Resource not found for the segment 'CallLogInfo'.</m:message>
but when I manually make a request to this request url:
http://services/CallCenter/CallCenterDataService.svc/CallLogInfos
Its ok.
As far as I know a request like your code should be possible.
Assuming that LogId is the Key column of you OData Service, your code
CallLogInfos.Where(x => x.LogId == logid);
will be transformed internally by the OData Service to
http://services/CallCenter/CallCenterDataService.svc/CallLogInfos(logid)
which is the standard syntax to get an element with a specific Id.
The error message you showed is thrown, if a query for an Id does not find an entry in the list, have you checked if the Id you provide is correct?
(If that is the problem, you can turn off this behavior by setting the IgnoreResourceNotFoundException Property of the service context (see MSDN))
In a test that I made, a query like yours does work, maybe your Odata service implementation contains errors?
You can try your code and your service with a tool like LinqPad which is helpful to try out things like that.
Im using asp.net mvc with jqueryui
I have placed the default logon htlm (that comes with a new created mvc project) and placed it in a jquery modal dialog. login seems to work okay. However Im not sure how I'm meant to handle errors. I'd like it to just show up in the modal dialog...,
The modal dialog is fine when it errors if for example a required field is missing, (it shows up in the dialog)
but the LogOn action method returns View(model); if there are any errors with the authenticating the credential entered( user/password are invalid)
how can i make it so that these erros get rendered within the dialog too?
Add the errors to your Model and then read those values out in the view.
public class LoginModel
{
public string ErrorMessage { get; set; }
}
I suggest you check my blog post where I provide the best possible solution to handling validation errors using Ajax calls.
To make things reusable and to not repeat code the solution provides an action filter that handles certain exceptions. In this case a custom exception.
Everything is described and explained in great detail and all code is provided. It's actually very trivial when you look at it at the end but nevertheless. Check it out.