Symfony2 locale of user not retrieved - symfony

I want to get the user locale when he lands in my website and then stick it to the user (also stick the new one if he wants to change the language).
Yet I don't want the locale to appear in the url.
I implemented the LocaleListener from the Symfony2 doc but I am unable to get the user's default locale on the first request.
These requests give me nothing in response:
$locale = $this->getRequest()->attributes->get('_locale');
$locale = $this->getRequest()->get('_locale');
While
$this->getRequest()
Sends effectively
GET /Twinkler1.2.3/web/app_dev.php/ HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control: max-age=0
Connection: keep-alive
Cookie: __uvt=; PHPSESSID=f28e3958ecab05fe97d6fc6950eb72ec; SQLiteManager_currentLangue=2
Host: localhost:8888
Referer: http://localhost:8888/Twinkler1.2.3/web/app_dev.php/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.76 Safari/537.36
X-Php-Ob-Level: 0
So how can I get the locale of the request (French here)?
Thanks in advance
Jules

$language = $request->getPreferredLanguage();
$request->setLocale($language);

Related

How to avoid xss attack in wso2 api manager 3.2.0 carbon?

How to solve xss attack (injecting "Alert") problem in wso2 api manager 3.2.0 carbon?
Request script as follows:
GET /carbon/generic/list.jsp?region=region3&item=governance_list_api_menu&key=api&breadcrumb=APIs%26%2339%3b)%3balert(76174)%3b%2f%2f&singularLabel=API&pluralLabel=APIs HTTP/1.1
Host: xxx.xx.xx.xx:9443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Cookie: region1_identity_menu=visible; menuPanel=visible; menuPanelType=main; JSESSIONID=55DB064DEF96C3060444A39F6A8412ED; requestedURI=../../carbon/admin/index.jsp; region1_configure_menu=none; region3_registry_menu=none; region4_monitor_menu=none; region5_tools_menu=none; current-breadcrumb=metadata_menu%252Clist_sub_menu%252Cgovernance_list_api_menu%2523
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
In wso2 APIM 3.0.0 the solution is released but not implemented in updated versions of wso2 (3.1.0, 3.2.0). This process is based on XSSValve.java: (https://svn.apache.org/repos/asf/stratos/site/trunk/content/apidocs/4.1.5/org/wso2/carbon/ui/valve/XSSValve.html#XSSValve() )
( https://github.com/kasunbg/carbon-kernel-4.x/blob/master/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/valve/XSSValve.java )
Also, the configuration model has been changed; refer to:
( https://apim.docs.wso2.com/en/3.2.0/reference/understanding-the-new-configuration-model/)
So I followed the steps below:
1. vi APIM-HOME/repository/resources/conf/templates/repository/conf/carbon.xml.j2
<XSSPreventionConfig>
<XSSPatternsLocation>${carbon.home}/repository/conf/security/xss-patterns.properties</XSSPatternsLocation>
<Enabled>true</Enabled>
<Rule>allow</Rule>
<Patterns>
<!--Pattern>carbon/sequences</Pattern>
<Pattern>carbon/configadmin</Pattern>
<Pattern>carbon/localentries</Pattern>
<Pattern>carbon/api</Pattern>
<Pattern>carbon/proxyservices</Pattern>
<Pattern>carbon/resources</Pattern>
<Pattern>carbon/task</Pattern-->
<Pattern>carbon/resources/update_text_content_ajaxprocessor.jsp</Pattern>
<Pattern>carbon/resources/add_text_resource_ajaxprocessor.jsp</Pattern>
<Pattern>commonauth</Pattern>
</Patterns>
</XSSPreventionConfig>
2. vi APIM-HOME/repository/resources/conf/templates/repository/conf/tomcat/catalina-server.xml.j2
Add the following line to the host section:
<Valve className="org.wso2.carbon.ui.valve.XSSValve"/>
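
In the request quoted in the question, the quote character travels as an HTML entity (%26%2339%3b percent-decodes to &#39;), so a pattern filter that looks for a literal quote never sees it. The sketch below is an added example, not WSO2's XSSValve code and not part of the original post: it normalizes each query parameter before matching, and the deny patterns are hypothetical, not the contents of xss-patterns.properties.

```python
import html
import re
from urllib.parse import parse_qsl, urlsplit

# Request line copied from the question above.
REQUEST_LINE = (
    "GET /carbon/generic/list.jsp?region=region3&item=governance_list_api_menu"
    "&key=api&breadcrumb=APIs%26%2339%3b)%3balert(76174)%3b%2f%2f"
    "&singularLabel=API&pluralLabel=APIs HTTP/1.1"
)

# Hypothetical deny patterns for this example only.
DENY_PATTERNS = [
    re.compile(r"['\"]\s*\)\s*;"),          # quote then ");" closes a JS string and call
    re.compile(r"<\s*script", re.I),
    re.compile(r"\bon\w+\s*=", re.I),       # inline event handler attribute
    re.compile(r"javascript\s*:", re.I),
]


def is_suspicious(value):
    """Match the value exactly as given, with no decoding."""
    return any(p.search(value) for p in DENY_PATTERNS)


def normalize(value, max_rounds=3):
    """Undo (possibly nested) HTML-entity encoding until the value is stable."""
    for _ in range(max_rounds):
        decoded = html.unescape(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_request_line(line):
    """Return {parameter: normalized value} for each query parameter that matches."""
    _method, target, _version = line.split(" ", 2)
    findings = {}
    # parse_qsl percent-decodes each value after splitting on "&".
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        normalized = normalize(value)
        if is_suspicious(normalized):
            findings[name] = normalized
    return findings


if __name__ == "__main__":
    print(scan_request_line(REQUEST_LINE))
```

Matching on the percent-decoded value alone misses the breadcrumb parameter; matching after entity normalization flags it and nothing else in the request.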

if-modified-since not functioning as expected in Azure Web App

I have an Angular 1.x SPA app built with ASP Web API hosted in Azure as a Web App. When I deploy new code, browsers such as Chrome (not Edge or IE) fail to get the new code based on If-Modified-Since or ETag. The current workaround is to have users do a CTRL + F5 to force a download. There are some differences in the request headers between Edge and Chrome that may explain this, but I am not very familiar with the cache control mechanisms within HTTP.
My main question: is this expected behavior, so that I need to deliberately detect this in client-side code and force a refresh, or is this something IIS is expected to handle by default? Secondarily, is this something I can solve through changes to web.config?
Edge
Accept: application/javascript, */*; q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Connection: Keep-Alive
Cookie: ai_user=T9jXc|2016-08-08T05:44:23.776Z; ai_session=2GcvV|1470765398272|1470765399564
Host: app.somehost.com
If-Modified-Since: Mon, 08 Aug 2016 16:34:46 GMT
If-None-Match: "0172c692f1d11:0"
Referer: https://app.somehost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
Chrome
Accept:*/*
Accept-Encoding:gzip, deflate, sdch, br
Accept-Language:en-US,en;q=0.8
Cache-Control:max-age=0
Connection:keep-alive
Cookie:ai_user=WXgAN|2016-08-09T16:28:50.251Z; ai_session=nV7TD|1470765376324|1470765376960
Host:app.somehost.com
If-Modified-Since:Mon, 08 Aug 2016 16:34:46 GMT
If-None-Match:"0172c692f1d11:0"
Referer:https://app.somehost.com/
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
The issue was resolved by optimizing bundles. I had optimizations off as it was breaking dependencies that did not support minification. To fix the issue I removed the offending .js files from the bundles and referenced them directly. Then I enabled optimizations in BundleConfig.cs:
BundleTable.EnableOptimizations = true;

WebClient.DownloadString seems to change some of the html from an external site

I have an ASP.NET website (.aspx) that I call from within an ASP.NET MVC 4 mobile website (.cshtml) to get its html response string. Both sites are hosted on a Windows Server 2008 R2 system. They are created and published with VS2010 Professional.
-If I go directly to the external site and view source then it is correct.
-If I use any of the below ways of getting the external html:
using (WebClient client = new WebClient())
{
html = client.DownloadString(strUrl);
}
or
using (WebClient client = new WebClient())
{
byte[] DataBuffer = client.DownloadData(strUrl);
html = Encoding.ASCII.GetString(DataBuffer);
}
or
WebResponse objResponse;
WebRequest objRequest = System.Net.HttpWebRequest.Create(strUrl);
objResponse = objRequest.GetResponse();
using (StreamReader sr = new StreamReader(objResponse.GetResponseStream()))
{
html = sr.ReadToEnd();
sr.Close();
}
then the html is changed from this ( where the font-family is set on a parent table ):
<td align="right" style="color:Red;background-color:White;width:4.375em;border-bottom:1px solid black;border-right:1px solid black;">-27.0%</td>
to this:
<td align="right" bgcolor="White" style="border-bottom:1px solid black;border-right:1px solid black;"><font face="Arial,sans-serif" color="Red">-27.0%</font></td>
It doesn't look like anything else has changed other than the font style being changed to a tag, the background color being moved from a style to a tag attribute, and the width style being completely removed. This happens on the entire page.
If I put a break point on the html variable and view it then the html has already been changed by the time DownloadString is called.
Anyone know why this is happening?
Thanks in advance.
edit:
this link: WebClient.DownloadString() Not Producing Exact HTML
is not quite the same thing as I am not using Ajax or JavaScript on the external page.
edit:
here are the request headers from fiddler and the site that calls the other site (I used Chrome):
GET / HTTP/1.1
Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: .ASPXBrowserOverride=Mozilla%2f4.0+(compatible%3b+MSIE+6.0%3b+Windows+CE%3b+IEMobile+8.12%3b+MSIEMobile+6.0);
going to the site directly I get this request header:
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: .ASPXBrowserOverride=Mozilla%2f4.0+(compatible%3b+MSIE+6.0%3b+Windows+CE%3b+IEMobile+8.12%3b+MSIEMobile+6.0);
edit:
If I look at the client object in debug mode client.Headers is empty before and after DownloadString is called.
Also, after DownloadString is called here are the client.ResponseHeaders:
{Content-Length: 267123
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Nov 2012 18:37:27 GMT
Set-Cookie: ASP.NET_SessionId=******; path=/; HttpOnly
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
}
Solution:
Unfortunately I cannot accept two answers. Both Icarus and James Lawruk's answers helped me to solve the problem. I am picking an answer based on what most recently led me to the final solution. So thanks to you both!
So here is the solution in a nutshell:
Use fiddler to view the request headers and find the user-agent.
Modify the code as follows:
using (WebClient client = new WebClient())
{
client.Headers.Add("user-agent", "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11");
html = client.DownloadString(strUrl);
}
Try setting the user-agent value and experiment with different browsers. This may prove the Web site is switching the HTML response based on the user-agent header.
webClient.Headers.Add("user-agent", "Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_2 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8H7 Safari/6533.18.5");
var iphoneHtml = webClient.DownloadString("http://www.yoursite.com");
webClient.Headers.Add("user-agent", "Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11");
var safariHtml = webClient.DownloadString("http://www.yoursite.com");
Most likely browser sniffing, as Dour pointed out in his comment, because WebClient does not change the resulting HTML at all.
You can probably verify this if you use Fiddler and set up the request headers in exactly the same way WebClient does. I bet you get the same HTML output.

Why would a browser make two separate requests for the same file?

I'm debugging a program I wrote and noticed something strange. I set up an HTTP server on port 12345 that serves a simple OGG video file, and attempted to access it from Firefox.
Upon sniffing the network requests, I found these two requests were made:
GET /video.ogv HTTP/1.1
Host: 127.0.0.1:12345
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
GET /video.ogv HTTP/1.1
Host: 127.0.0.1:12345
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Range: bytes=8122368-
The video is almost 8 MB in size, so the fact that the second request specifies 8122368 bytes, which is 7932 KB, suggests it is requesting the very end of the file for some reason. Anyone have ideas?
In order to support seeking and playing back regions of the media that aren't yet downloaded, Gecko uses HTTP 1.1 byte-range requests to retrieve the media from the seek target position. So because Ogg files don't contain their duration, the initial download connection is terminated. Then there is a seek to the end of the Ogg file and read a bit of data to extract the time duration of the media. Info from here and here.
Some media formats have metadata at the end of the file, and this data is usually required to allow proper seeking of the video.
It's actually requesting 8122368 bytes starting backwards from the end. Which is 7.74MB if I did my calcs correctly.
It might be something in how the buffering for that file type is done.

Http get request packet size in bytes

How many bytes of data does a typical HTTP GET request consume?
For instance, if I request a page from the server through a browser, how many bytes of data would be sent?
Pretty typical request, 430 bytes:
GET /ga.js HTTP/1.1\r\n
Host: www.google-analytics.com\r\n
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)\r\n
Accept: */*\r\n
Accept-Language: en-us,en;q=0.5\r\n
Accept-Encoding: gzip,deflate\r\n
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
Keep-Alive: 300\r\n
Connection: keep-alive\r\n
Referer: http://stackoverflow.com/\r\n
If-Modified-Since: Mon, 31 Aug 2009 17:13:58 GMT\r\n
\r\n
\r\n
Request with a long query string and a small cookie (657 bytes):
GET /pixel;r=978178957;fpan=0;fpa=1241112640-44259546-69321280;ns=0;url=http%3A%2F%2Fstackoverflow.com%2F;ref=;ce=1;je=1;sr=1920x1200x32;dg=E5912-W-MO-5;dst=1;et=1252061014745;tzo=-120;a=p-c1rF4kxgLUzNc HTTP/1.1\r\n
Host: pixel.quantserve.com\r\n
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2 (.NET CLR 3.5.30729)\r\n
Accept: image/png,image/*;q=0.8,*/*;q=0.5\r\n
Accept-Language: en-us,en;q=0.5\r\n
Accept-Encoding: gzip,deflate\r\n
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
Keep-Alive: 300\r\n
Connection: keep-alive\r\n
Referer: http://stackoverflow.com/\r\n
Cookie: uid=1274108650-45267447-66848880; mc=1137458542-57565784-88898864\r\n
\r\n
\r\n
Use Fiddler to intercept the request and see for yourself.
It varies, especially when it comes to GET queries or POST requests, but I'd estimate it about 0.5—1k.
Requesting a page from the browser, though, may also result in requesting pictures, stylesheets and other referenced content.
Edit: originally I put in the estimation for request+reply.
I would suggest you use a full packet sniffer like Wireshark. You would love it :)
Get it here:
http://www.wireshark.org/
