懒得勤快 пре 4 година
родитељ
комит
5b618e621e

+ 26 - 2
src/Masuit.MyBlogs.Core/Common/HttpContextExtension.cs

@@ -1,6 +1,9 @@
-using Masuit.Tools;
+using DnsClient;
+using Masuit.Tools;
 using Microsoft.AspNetCore.Http;
 using Microsoft.Net.Http.Headers;
+using System.Linq;
+using System.Threading;
 
 namespace Masuit.MyBlogs.Core.Common
 {
@@ -21,6 +24,27 @@ namespace Masuit.MyBlogs.Core.Common
         /// </summary>
         /// <param name="req"></param>
         /// <returns></returns>
-        public static bool IsRobot(this HttpRequest req) => UserAgent.Parse(req.Headers[HeaderNames.UserAgent].ToString()).IsRobot;
+        public static bool IsRobot(this HttpRequest req)
+        {
+            var robotUA = UserAgent.Parse(req.Headers[HeaderNames.UserAgent].ToString()).IsRobot;
+            if (robotUA)
+            {
+                var nslookup = new LookupClient();
+                using var cts = new CancellationTokenSource(100);
+                return nslookup.QueryReverseAsync(req.HttpContext.Connection.RemoteIpAddress, cts.Token).ContinueWith(t => t.IsCompletedSuccessfully && t.Result.Answers.Any(r => r.ToString().Contains(new[]
+                {
+                    "baidu",
+                    "google",
+                    "bing",
+                    "360",
+                    "sogou",
+                    "soso",
+                    "yahoo",
+                    "yandex",
+                }))).Result;
+            }
+
+            return robotUA;
+        }
     }
 }
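Review bot: The reverse-DNS check in `IsRobot` accepts any answer whose `r.ToString()` contains a short token such as `"360"` or `"google"` anywhere, which is too loose for a result that exempts the caller from region limits in `CheckPermission`. PTR data is published by whoever controls the address's reverse zone, and the record's string form presumably also carries the owner name and TTL, so a token can match text unrelated to any crawler operator. Compare only the PTR target, as a domain suffix against the operators' documented crawler domains, and then forward-confirm that the name resolves back to `RemoteIpAddress`; the first step would look like `t.Result.Answers.PtrRecords().Any(r => r.PtrDomainName.Value.EndsWith(".googlebot.com.", StringComparison.OrdinalIgnoreCase))` (DnsClient names carry a trailing dot). Separately, `.Result` blocks a request thread on DNS for every robot-looking request and `new LookupClient()` is built per call, so a shared client and an async path would be safer under load. Behind a reverse proxy `RemoteIpAddress` may be the proxy's address unless forwarded headers are configured, which this hunk does not show.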

+ 10 - 6
src/Masuit.MyBlogs.Core/Controllers/BaseController.cs

@@ -16,7 +16,6 @@ using Masuit.Tools.Strings;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Filters;
-using Microsoft.Net.Http.Headers;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -240,24 +239,29 @@ namespace Masuit.MyBlogs.Core.Controllers
 
         protected void CheckPermission(List<PostDto> posts)
         {
-            var location = Request.Location() + "|" + Request.Headers[HeaderNames.UserAgent];
+            if (CurrentUser.IsAdmin || VisitorTokenValid || Request.IsRobot())
+            {
+                return;
+            }
+
+            var location = Request.Location() + "|" + string.Join("", Request.Headers.Values);
             posts.RemoveAll(p =>
             {
                 switch (p.LimitMode)
                 {
                     case RegionLimitMode.AllowRegion:
-                        return !location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid && !Request.IsRobot();
+                        return !location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries));
                     case RegionLimitMode.ForbidRegion:
-                        return location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid && !Request.IsRobot();
+                        return location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries));
                     case RegionLimitMode.AllowRegionExceptForbidRegion:
-                        if (location.Contains(p.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid)
+                        if (location.Contains(p.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)))
                         {
                             return true;
                         }
 
                         goto case RegionLimitMode.AllowRegion;
                     case RegionLimitMode.ForbidRegionExceptAllowRegion:
-                        if (location.Contains(p.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid)
+                        if (location.Contains(p.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)))
                         {
                             return false;
                         }
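Review bot: The new `location` string is `Request.Location()` plus every request header value concatenated with an empty separator, so the region allow/forbid decision now matches against Cookie, Referer, Accept-Language and any other client-supplied header. That makes `AllowRegion` satisfiable by header content rather than by the resolved location, lets `ForbidRegion` trigger on incidental substrings, and allows a term to match across two fused values. Limit the input to the headers the rules are meant to inspect and keep a separator, at minimum `string.Join("|", Request.Headers.Values)`, and add a comment stating which inputs are trusted for this decision. The same line is introduced in `PostController.CheckPermission` and in both `SubscribeController.CheckPermission` hunks. The body of this method continues past the end of the hunk.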

+ 10 - 5
src/Masuit.MyBlogs.Core/Controllers/PostController.cs

@@ -102,32 +102,37 @@ namespace Masuit.MyBlogs.Core.Controllers
 
         private void CheckPermission(Post post)
         {
-            var location = Request.Location() + "|" + Request.Headers[HeaderNames.UserAgent];
+            if (CurrentUser.IsAdmin || VisitorTokenValid || Request.IsRobot())
+            {
+                return;
+            }
+
+            var location = Request.Location() + "|" + string.Join("", Request.Headers.Values);
             switch (post.LimitMode)
             {
                 case RegionLimitMode.AllowRegion:
-                    if (!location.Contains(post.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid && !Request.IsRobot())
+                    if (!location.Contains(post.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)))
                     {
                         Disallow(post);
                     }
 
                     break;
                 case RegionLimitMode.ForbidRegion:
-                    if (location.Contains(post.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid && !Request.IsRobot())
+                    if (location.Contains(post.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)))
                     {
                         Disallow(post);
                     }
 
                     break;
                 case RegionLimitMode.AllowRegionExceptForbidRegion:
-                    if (location.Contains(post.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid)
+                    if (location.Contains(post.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)))
                     {
                         Disallow(post);
                     }
 
                     goto case RegionLimitMode.AllowRegion;
                 case RegionLimitMode.ForbidRegionExceptAllowRegion:
-                    if (location.Contains(post.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !CurrentUser.IsAdmin && !VisitorTokenValid)
+                    if (location.Contains(post.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)))
                     {
                         break;
                     }

+ 4 - 4
src/Masuit.MyBlogs.Core/Controllers/SubscribeController.cs

@@ -205,15 +205,15 @@ namespace Masuit.MyBlogs.Core.Controllers
 
         private void CheckPermission(List<Post> posts)
         {
-            var location = Request.Location() + "|" + Request.Headers[HeaderNames.UserAgent];
+            var location = Request.Location() + "|" + string.Join("", Request.Headers.Values);
             posts.RemoveAll(p =>
             {
                 switch (p.LimitMode)
                 {
                     case RegionLimitMode.AllowRegion:
-                        return !location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !Request.IsRobot();
+                        return !location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries));
                     case RegionLimitMode.ForbidRegion:
-                        return location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries)) && !Request.IsRobot();
+                        return location.Contains(p.Regions.Split(',', StringSplitOptions.RemoveEmptyEntries));
                     case RegionLimitMode.AllowRegionExceptForbidRegion:
                         if (location.Contains(p.ExceptRegions.Split(',', StringSplitOptions.RemoveEmptyEntries)))
                         {
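Review bot: The `&& !Request.IsRobot()` conditions are removed from the `AllowRegion` and `ForbidRegion` cases here, but unlike `BaseController` and `PostController` no early return is added at the top of the method, so robot requests are now filtered by region in this controller. If that is not intended, restore the exemption once before the `RemoveAll` call with `if (Request.IsRobot()) { return; }`, which also keeps the DNS lookup to one per request instead of one per post. If it is intended, a short comment saying that feed output applies region limits to crawlers would prevent the three `CheckPermission` variants from being "re-aligned" later. The method body continues outside the hunk.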
@@ -241,7 +241,7 @@ namespace Masuit.MyBlogs.Core.Controllers
 
         private void CheckPermission(Post post)
         {
-            var location = Request.Location() + "|" + Request.Headers[HeaderNames.UserAgent];
+            var location = Request.Location() + "|" + string.Join("", Request.Headers.Values);
             switch (post.LimitMode)
             {
                 case RegionLimitMode.AllowRegion:

+ 1 - 0
src/Masuit.MyBlogs.Core/Program.cs

@@ -36,6 +36,7 @@ namespace Masuit.MyBlogs.Core
             opt.ListenAnyIP(port.ToInt32());
             if (bool.Parse(config["Https:Enabled"]))
             {
+                opt.EnableAltSvc = true;
                 opt.ListenAnyIP(sslport.ToInt32(), s =>
                 {
                     if (Environment.OSVersion.Platform == PlatformID.Win32NT && Environment.OSVersion.Version.Major >= 10)

+ 11 - 2
src/Masuit.MyBlogs.Core/Startup.cs

@@ -109,7 +109,12 @@ namespace Masuit.MyBlogs.Core
                 Path = "lucene"
             }); // 配置7z和断点续传和Redis和Lucene搜索引擎
 
-            services.AddHttpClient("", c => c.Timeout = TimeSpan.FromSeconds(30)).AddTransientHttpErrorPolicy(builder => builder.Or<TaskCanceledException>().Or<OperationCanceledException>().Or<TimeoutException>().OrResult(res => !res.IsSuccessStatusCode).RetryAsync(5)).ConfigurePrimaryHttpMessageHandler(() =>
+            services.AddHttpClient("", c =>
+            {
+                c.DefaultRequestVersion = new Version(2, 0);
+                c.DefaultVersionPolicy = HttpVersionPolicy.RequestVersionOrHigher;
+                c.Timeout = TimeSpan.FromSeconds(30);
+            }).AddTransientHttpErrorPolicy(builder => builder.Or<TaskCanceledException>().Or<OperationCanceledException>().Or<TimeoutException>().OrResult(res => !res.IsSuccessStatusCode).RetryAsync(5)).ConfigurePrimaryHttpMessageHandler(() =>
             {
                 if (bool.TryParse(Configuration["HttpClientProxy:Enabled"], out var b) && b)
                 {
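Review bot: `HttpVersionPolicy.RequestVersionOrHigher` together with `DefaultRequestVersion = new Version(2, 0)` forbids falling back to HTTP/1.1, so a request to any upstream that does not negotiate HTTP/2 fails instead of downgrading. The retry policy on the same builder treats such failures as transient, so each of these requests would likely be attempted several times before the error surfaces. Unless every target of the default client is known to speak HTTP/2, `c.DefaultVersionPolicy = HttpVersionPolicy.RequestVersionOrLower;` keeps HTTP/2 preferred while still allowing fallback. The same two lines are added for `ImagebedClient` in the next hunk and deserve the same change.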
@@ -121,7 +126,11 @@ namespace Masuit.MyBlogs.Core
 
                 return new HttpClientHandler();
             }); //注入HttpClient
-            services.AddHttpClient<ImagebedClient>().AddTransientHttpErrorPolicy(builder => builder.Or<TaskCanceledException>().Or<OperationCanceledException>().Or<TimeoutException>().OrResult(res => !res.IsSuccessStatusCode).RetryAsync(3)); //注入HttpClient
+            services.AddHttpClient<ImagebedClient>(c =>
+            {
+                c.DefaultRequestVersion = new Version(2, 0);
+                c.DefaultVersionPolicy = HttpVersionPolicy.RequestVersionOrHigher;
+            }).AddTransientHttpErrorPolicy(builder => builder.Or<TaskCanceledException>().Or<OperationCanceledException>().Or<TimeoutException>().OrResult(res => !res.IsSuccessStatusCode).RetryAsync(3)); //注入HttpClient
             services.AddMailSender(Configuration).AddFirewallReporter(Configuration);
             services.AddBundling().UseDefaults(_env).UseNUglify().EnableMinification().EnableChangeDetection().EnableCacheHeader(TimeSpan.FromHours(1));
             services.SetupMiniProfile();

+ 1 - 0
src/Masuit.MyBlogs.Core/wwwroot/Assets/UEditor/third-party/SyntaxHighlighter/styles/shCore.css

@@ -42,6 +42,7 @@
     }
     .syntaxhighlighter .code .container:before {
         content: "" !important;
+        display: none;
     }
     .syntaxhighlighter .code .container:after {
         content: "" !important;

+ 33 - 30
src/Masuit.MyBlogs.Core/wwwroot/ng-views/controllers/system.js

@@ -18,7 +18,6 @@ myApp.controller("system", ["$scope", "$http", function($scope, $http) {
 		$scope.Settings = settings;
 	});
 	$scope.uploadImage = function() {
-		
         $("#setImageForm").ajaxSubmit({
 			url: "/Upload",
 			type: "post",
@@ -504,36 +503,40 @@ myApp.controller("firewall", ["$scope", "$http","NgTableParams","$timeout", func
 			}
 		}).catch(swal.noop);
 	}
-		$scope.addToBlackList = function(ip) {
-			swal({
-				title: "确认添加黑名单吗?",
-				text: "将"+ip+"添加到黑名单",
-				showCancelButton: true,
-				confirmButtonColor: "#DD6B55",
-				confirmButtonText: "确定",
-				cancelButtonText: "取消",
-				animation: true,
-				allowOutsideClick: false,
-				showLoaderOnConfirm: true,
-				preConfirm: function () {
-					return new Promise(function (resolve, reject) {
-						$http.post("/system/AddToBlackList", {ip}, {
-							'Content-Type': 'application/x-www-form-urlencoded'
-						}).then(function(res) {
-							resolve(res.data);
-						}, function() {
-							reject("请求服务器失败!");
-						});
+	$scope.addToBlackList = function(ip) {
+		swal({
+			title: "确认添加黑名单吗?",
+			text: "将"+ip+"添加到黑名单",
+			showCancelButton: true,
+			confirmButtonColor: "#DD6B55",
+			confirmButtonText: "确定",
+			cancelButtonText: "取消",
+			animation: true,
+			allowOutsideClick: false,
+			showLoaderOnConfirm: true,
+			preConfirm: function () {
+				return new Promise(function (resolve, reject) {
+					$http.post("/system/AddToBlackList", {ip}, {
+						'Content-Type': 'application/x-www-form-urlencoded'
+					}).then(function(res) {
+						resolve(res.data);
+					}, function() {
+						reject("请求服务器失败!");
 					});
-				}
-			}).then(function (data) {
-				if (data.Success) {
-					swal("添加成功",'','success');
-				} else {
-					swal("添加失败",'','error');
-				}
-			}).catch(swal.noop);
-		}
+				});
+			}
+		}).then(function (data) {
+			if (data.Success) {
+				swal("添加成功",'','success');
+			} else {
+				swal("添加失败",'','error');
+			}
+		}).catch(swal.noop);
+	}
+
+	$scope.detail= function(text) {
+        layer.alert(text);
+    }
 }]);
 
 myApp.controller("sendbox", ["$scope", "$http", function ($scope, $http) {
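Review bot: `$scope.detail` passes `text` straight to `layer.alert`, and the only caller in this commit (`firewall.html`, `detail(row.Headers)`) supplies request headers recorded from intercepted traffic, which is data chosen by the remote client. layer dialogs render their content as HTML as far as I know, whereas the `{{row.Headers}}` binding this replaces was escaped by Angular, so logged header text would now be interpreted as markup in the admin view. Escape before display, for example `layer.alert($('<div>').text(text).html());`. The remainder of this hunk is a re-indentation of `addToBlackList` with no change in behaviour.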

+ 3 - 3
src/Masuit.MyBlogs.Core/wwwroot/ng-views/views/system/firewall.html

@@ -119,13 +119,13 @@
                 {{row.UserAgent}}
             </td>
             <td title="'拦截时间'">
-                {{row.Time|date:'yyyy-MM-dd HH:mm'}}
+                {{row.Time|date:'MM-dd HH:mm'}}
             </td>
             <td filter="{Remark: 'text'}" title="'备注'">
                 {{row.Remark}}
             </td>
-            <td filter="{Headers: 'text'}" title="'请求头'">
-                {{row.Headers}}
+            <td title="'请求头'">
+                <a ng-click="detail(row.Headers)">详情</a>
             </td>
         </tr>
     </table>