I'm trying to log the current pages URL as part of our NLog layout. I've scoured the NLog layout variables and have come up with nothing.
Does anyone know how to get the current page URL as a variable for the layout? Also is it possible just to extract the domain name so this can be used in the EventLog source attribute?
Use the Aspnet-request layout renderer.
<target xsi:type="Trace"
name="trace"
layout="${message} ${aspnet-request:serverVariable=Url}" />
You have full access to the request properties.
I tested many approached and only "item" seems to work in regards to http://msdn.microsoft.com/en-us/library/ms524602.aspx
method = ${aspnet-request:item=HTTP_METHOD}
url with query string = ${aspnet-request:item=HTTP_URL}
user agent / browser = ${aspnet-request:item=HTTP_USER_AGENT}
and so on...
UPDATE
Additionally to my answer above (I don't remember if I knew it back then or not) but I found somewhere (also don't remember where, was a while ago) that NLog.Extended.dll must be also referenced to use functionality relevant to ASP.NET logging ie. layouts with ${aspnet-...
Answer for .NET Core as I tried the above before finding that the above does not work for .NET Core
THE FOLLOWING DO NOT WORK FOR .NET CORE
${aspnet-request:serverVariable=Url}
${aspnet-request:item=HTTP_URL}
Instead use:
${aspnet-request-url}
${aspnet-request-querystring}
e.g.
<target name="jsonFile" xsi:type="File" fileName="log.json" archiveNumbering="DateAndSequence" archiveAboveSize="5000000" maxArchiveFiles="10">
<layout xsi:type="JsonLayout">
<attribute name="time" layout="${longdate}" />
<attribute name="level" layout="${level:upperCase=true}"/>
<attribute name="message" layout="${message}" />
<attribute name="exception" layout="${exception:format=ToString,StackTrace:maxInnerExceptionLevel=2}" />
<attribute name="machineName" layout="${machinename}" />
<attribute name="ip" layout="${aspnet-request-ip}" />
<attribute name="method" layout="${aspnet-request-method}" />
<attribute name="url" layout="${aspnet-request-url}" />
<attribute name="query" layout="${aspnet-request-querystring}" />
<attribute name="postedBody" layout="${aspnet-request-posted-body}" />
<attribute name="userAgent" layout="${aspnet-request-useragent}" />
</layout>
</target>
For more see:
https://nlog-project.org/config/?tab=layout-renderers&search=package:nlog.web.aspnetcore
Related
I am trying to implement Content-Security-Policy with the NWebSec NuGet package
The basic configuration level is working at this moment but trying to add nonce for each script and style in the project.
How to add a nonce to the below tags for inline?
#Styles.Render("~/Content/css/file")
For BundleConfig,
bundles.Add(new ScriptBundle("~/Content/Scripts").Include(
"~/Content/Scripts/General.js"
));
I tried with a new class and it's working but with the NWebSec package I going nowhere.
Below is their solution with #Html.CspScriptNonce() directives and this is working.
<script #Html.CspScriptNonce()>document.write("Hello world")</script>
<style #Html.CspStyleNonce()>
h1 {
font-size: 10em;
}
</style>
The solution I tried was to use #Styles.RenderFormat in the following way:
#Styles.RenderFormat("<link href=\"{0}\" rel=\"stylesheet\" " + #Html.CspStyleNonce() +"/>","~/Content/css/file")
When using NWebSec with ASP.Net MCV Bundles, you can not apply a Nonce, but luckily you don't need to.
There might be something you need to change in your web.config though. In the nwebsec > httpHeaderSecurityModule > securityHttpHeaders > content-Security-Policy section, make sure that self="true" for both style-src and script-src. self="true" is the default, though, so if you don't need those elements for any other declarations, you can omit them.
Here's the nwebsec section in my web.config. I'm using both style and script bundles, and have no third-party scripts.
<nwebsec>
<httpHeaderSecurityModule xmlns="http://nwebsec.com/HttpHeaderSecurityModuleConfig.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="NWebsecConfig/HttpHeaderSecurityModuleConfig.xsd">
<securityHttpHeaders>
<content-Security-Policy enabled="true">
<default-src self="true" />
<font-src self="true">
<add source="https://fonts.gstatic.com" />
</font-src>
<object-src none="true" />
<style-src self="true">
<add source="https://fonts.googleapis.com" />
</style-src>
<base-uri none="true" />
</content-Security-Policy>
</securityHttpHeaders>
</httpHeaderSecurityModule>
</nwebsec>
I've successfully added a custom form to the advanced search interface in Alfresco, but I'm facing a problem. Here's my custom form (search-config-custom.xml):
<config evaluator="model-type" condition="cv:document">
<forms>
<form id="search">
<field-visibility>
<show id="cv:appl_name" />
<show id="cv:appl_surn" />
<show id="cv:appl_phone" />
<show id="cv:appl_lang_1" />
<show id="cv:appl_level_1" />
<show id="cv:appl_lang_2" />
<show id="cv:appl_level_2" />
<show id="cv:appl_lang_3" />
<show id="cv:appl_level_3" />
</field-visibility>
</form>
</forms>
</config>
The form is basically querying information regarding job applicants. Applicants can enter up to three foreign languages in their profile, and assign a level of proficiency to them.
Now, here's the problem: let's say a recruiter wants to search for candidates with a high level of Spanish. As I have my form now, they would have to enter "Spanish" in the three language fields in order to get reliable results, as it's not known beforehand the order in which candidates entered their languages, if any.
So, I'm looking for a way to have a field that can automatically search across all the different language fields, so that instead of having "Language 1", "Language 2" and "Language 3", I can simply have "Languages" as a single search field. Then, language fields should be associated with their respected levels, and I really don't know how to do this.
Here's the content model the custom search form is querying:
<types>
<type name="cv:document">
<title>Job Application</title>
<parent>cm:content</parent>
<properties>
<property name="cv:appl_name">
<title>Applicant's first name</title>
<type>d:text</type>
</property>
<property name="cv:appl_surn">
<title>Applicant's last name</title>
<type>d:text</type>
</property>
<property name="cv:appl_phone">
<title>Applicant's phone number</title>
<type>d:text</type>
</property>
<property name="cv:appl_lang_1">
<title>Language 1</title>
<type>d:text</type>
</property>
<property name="cv:appl_level_1">
<title>Level for Language 1</title>
<type>d:text</type>
</property>
<property name="cv:appl_level_2">
<title>Level for Language 2</title>
<type>d:text</type>
</property>
<property name="cv:appl_level_3">
<title>Level for Language 3</title>
<type>d:text</type>
</property>
</properties>
</type>
</types>
I'm running Alfresco 5.0.0.
You could edit your SOLR schema to add a new SOLR field which would be filled with all languages. Then you'd query against that single field.
For example.
<field name="all" type="text___" indexed="true" omitNorms="false" stored="false" multiValued="true" />
<copyField source="*" dest="all" />
I would like to encrypt a subsection of a web.config (not a top level section). for example:
<SomeSection>
<settings>
<add name="foo" value="bar" />
</settings>
<secretSettings>
<add name="password" value="foobar" />
</secretSettings>
</SomeSection>
Is there a way to encrypt the <secretSettings> subsection similar to this method? Note I cannot simply move the subsection into a main section because there is code which is outside of my control that is currently using it.
I'm using Alfresco Share and I have a property with a default value
<property name="my:Property1">
<title>Property1</title>
<type>d:text</type>
<multiple>true</multiple>
<default>0</default>
</property>
I have customised the advanced search
<form id="search">
<field-visibility>
<show id="my:Property1"/>
</field-visibility>
<appearance>
<field id="my:Property1" label-id="Property1">
</appearance>
</form>
In Advanced search this property is initially filled with a default value, in my case with 0. Is there any way to remove that value from a search field?
I guess in this case it's best to create a custom Share Form controller like the textfield.ftl.
In the default controller there is a freemarker entry {field.value}. Just remove this entry throughout the template and there won't be any default value shown.
I'm having a bit of a problem keeping values from appearing in scope for all users. I'm not sure what exactly I may be doing wrong, but I'm at wits end. I'm thinking either I have my container objects scoped wrong or I'm passing the values along the WebContext. First, here's what I'm doing in code. This works, but it's showing details for the first user who logs into the site (note: my PageStore is just a property of type IDictionary that stores values to share to all user controls on the page):
using (BasePage page = (BasePage)(Spring.Web.UI.Page)this.Context.Handler) {
if ((page.PageStore("LoginId") != null)) {
this.Model.LoginId = Convert.ToString(page.PageStore("LoginId"));
}
}
Second, I've tried different scopes for my objects but I'm coming up empty. Here is how my objects are currently configured in the container:
Snippet of my business tier configuration
<!-- Transaction Management Strategy - local database transactions -->
<object id="transactionManager"
type="Spring.Data.Core.AdoPlatformTransactionManager, Spring.Data" scope="request">
<property name="DbProvider" ref="MyProvider"/>
</object>
<tx:attribute-driven transaction-manager="transactionManager" />
<!-- Data Access Objects -->
<object id="DataAccess" type="MyApp.Business.DataAccess.DataAccess, MyApp.Business.DataAccess" abstract="true" scope="request">
<property name="AdoTemplate" ref="MyTemplate" />
</object>
<object id="ManagerDAO" type="MyApp.Business.DataAccess.ManagerDAO, MyApp.Business.DataAccess" parent="DataAccess" scope="request">
<property name="TableName" value="vw_managers" />
<property name="IsAllowedDeletion" value="False" />
<property name="IsAllowedUniqueIdRetrieval" value="False" />
</object>
<!-- Services -->
<object id="SearchService" type="MyApp.Business.Services.SearchService, MyApp.Business.Services" scope="request">
<property name="ManagerDAO" ref="UserDAO" />
</object>
Snippet of my presentation layer:
<object id="BasePageModel" type="MyApp.Presentation.Models.BasePageModel, MyApp.Presentation" abstract="true" scope="session"/>
<object id="ManagerModel" type="MyApp.Presentation.Models.ManagerModel, MyApp.Presentation" parent="BasePageModel" scope="session"/>
<!-- Presenters-->
<object name="ManagerPresenter" type="MyApp.Presentation.Presenters.ManagePresenter, MyApp.Presentation" singleton="false" scope="session">
<property name="SearchSvc" ref="SearchService"/>
</object>
Snippet of my UI layer objects:
<!-- Pages -->
<object id="BasePage" type="MyApp.UI.BasePage, MyApp.UI" abstract="true" singleton="false" scope="session" />
<object id="StandardPage" parent="BasePage" abstract="true" singleton="false" scope="session">
<property name="MasterPageFile" value="~/Layouts/Site.master"/>
</object>
<object type="~/Pages/Manager.aspx" parent="StandardPage" singleton="false" scope="session"/>
I know there are 100 ways to skin this cat, but the fastest solution is to just get this configured properly and drive on. Is my configuration flaky or am I going about this all wrong?
Edit: Common sense is starting to kick in....IDictionary isn't thread safe.
Fixed my problem. Switched my Dictionary objects to thread safe ConcurrentDictionary objects and fixed my scoping issues. For the scopes, my business tier objects are singletons, my model objects are in the session scope, and my views(user controls) and pages are now set to the request scope, non-singletons.